General

  • Target

    XWorm V5.0.rar

  • Size

    28.7MB

  • Sample

    230909-kwmslsac8x

  • MD5

    9f97070e10a031ad1f5ddd2348cca183

  • SHA1

    5a214672860b54bbc9ca8edc16c22374c89aad07

  • SHA256

    b8d03f7f2884af55dcc069d229b8a96cb323d22fb3e2ab9c6e80033ffc8c61fc

  • SHA512

    118967c839af523584afd7cd9374b9d749452c1ecdba283f1eadeac5d4d1a34e0ec7d9486fdd973f2c6cdb649be2192e1e20b959887f065642a7bbfe12b48898

  • SSDEEP

    786432:jyLCrS3/Hxn8Op25INyrYl4MrK2PjXmwowxyb:mfWv5+yreZZ7Xmw/xyb

Score
10/10

Targets

    • Target

      XWorm V5.0.rar

    Score
    8/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE
