General

  • Target

    3288-33-0x00000267BFA10000-0x00000267BFA1E000-memory.dmp

  • Size

    56KB

  • MD5

    9914551745deacfa4b4f82af4c172f70

  • SHA1

    f841ffb41a22d7f327db10cfcba2fa57b29e019b

  • SHA256

    52dcee261fdd7b58b7e4736675d8aedd644d216982ad8826595fef531a5c97a4

  • SHA512

    77a65b3a05c6d927a3d3b827d935da89e662d871a3ae85f62dee0b3d9e20211cbf307feffe4afd6f7927c50c17e0f85cffb2bc9ceb6557eb8d79107110d19115

  • SSDEEP

    384:zeAwIGmeffcbWICWv/0ILZGPc7g0hYACSqRES42uRugtFuBLTIOZw/WVnvn9IkVU:Recbl/b37gMYAoREH2uBFE9R1OqhJbS

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

50.114.203.104:7909

Mutex

505Fd00owUd0cd4k

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3288-33-0x00000267BFA10000-0x00000267BFA1E000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

