Overview

overview

10

Static

static

10

1788-3-0x0...ry.exe

windows7-x64

10

1788-3-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1788-3-0x0000000002750000-0x000000000275E000-memory.dmp

  • Size

    56KB

  • MD5

    886b2054089258e58ab6a72d9fcc1315

  • SHA1

    ddf77a3f805753661146e13a0d3a9bc5df566dd8

  • SHA256

    31ad0a237415b133986801f477a44d97fc2fd32e3b53b73d620962992a85e066

  • SHA512

    76fc1a278060b5beb4adf3bc3437965286c005c8f8aa41f2bb65ddc260ff982bc7c9fd926825d468534f9f56e64b2c839fee3378303f172915205650281382b0

  • SSDEEP

    1536:BDGkptwyZScCkU4rqUXZcB5+tQF59ij8O93F:3GUXFyF59ioO91

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

C2

mikexwormxxxyy.ddns.net:7000

Mutex

ir1SigksGA3TjceN

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1788-3-0x0000000002750000-0x000000000275E000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections