Overview

overview

10

Static

static

10

2704-26-0x...ry.exe

windows7-x64

2704-26-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2704-26-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    b6cb5898fc69b72a20519e7392fcde95

  • SHA1

    8b7c5b8972eefc9440642e36b83eb640c7057f58

  • SHA256

    380f967a334634de3202cb65180d98298b231761ec763f78b1d853160628b3f7

  • SHA512

    31b2318ee5318693bd0aff3832945d95aad66addd3ffd75be7460982d28255f3f2fe5bbae7153386199e3b1fb18535443768dfe04b031673049998527f4bec00

  • SSDEEP

    384:RNR/FWQfrS7+0X/0PZmnkR92oR7zuPggsKx493yBtrLaWGPjxLCPOnsSZwHNWRoX:l/FBDS7xw3p7zg2Kd3yCNRl

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

139.99.153.82:8181

Mutex

c50g7a1RxYiazHZW

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2704-26-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections