Overview

overview

10

Static

static

10

1776-17-0x...ry.exe

windows7-x64

1776-17-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1776-17-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    d2f4f9300fe3985863973d320c7ad517

  • SHA1

    691d111e70fcf319c7e5d833e71abf12a56357fb

  • SHA256

    4642a19868425bc6e8bba3db3a06e61a07c80c90213fec2eeeb7dee69dc5044a

  • SHA512

    175759bc595c3d25b4f768a4799bbb665fb34bcaa44e9c13a81e9b8719ae2611ef29b054ea14b599fb64ca00e256043e8ccf13c79c9317519d44b33abce584fc

  • SSDEEP

    768:pUw9W9heo4QMRpE17O59DGObNLFf9dP4OuhKyr3WW:f89heTK1infRFf9dP4Ou8I

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

C2

191.101.130.18:8252

Mutex

9DiMa559vRsnPK3A

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1776-17-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows x86


    Headers

    Sections