Overview

overview

10

Static

static

10

2712-27-0x...ry.exe

windows7-x64

2712-27-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2712-27-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    3110eef49ea82b12d46a99d5496d4b8e

  • SHA1

    e6c1521e1325f9c2f99a6bc5267110d189009d28

  • SHA256

    95c252f3f9be2a396aef56d4370b02e090a08c2843f87c58e7787e7d6d1316ad

  • SHA512

    16f95a5458df0f92c07b346d1150f5728999d3611432002b38a1e00c5ebcc49d0a2c01299a045be1c5926f14956eb482fe8001562ae551079fa8c4ff812945f6

  • SSDEEP

    384:RNR/FWQfrS7+0X/0PZmnkR92oR7zuPggsKx493yBtrLaWGPjxLCPOnsSZwHNWRot:l/FBDS7xw3p7zg2Kd3yCNRl9

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

139.99.153.82:8181

Mutex

c50g7a1RxYiazHZW

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2712-27-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections