General
-
Target
winlogin.exe
-
Size
40KB
-
Sample
231011-2zrdmscg26
-
MD5
64aa45857bbf819ca0516126748ddfdb
-
SHA1
7b57da0f3115410b67456983b72df35c0f168ba8
-
SHA256
02cda252627b911029c6123d83e211312a5bba40b4afcc06d3eb40595f0baee8
-
SHA512
138b7a4e8f07d063240cdb918660682036a13dc4e518095404211c7d67ee34c0620adf344a488f5102c47bdcc68de80584dd3b83f42f35ef0d858541ade6f4d9
-
SSDEEP
768:k1/imAZfCL6p0nMskv+JUBkquxKdVC7kadRzdq2:k9imNPnMtTCTbq2
Behavioral task
behavioral1
Sample
winlogin.exe
Resource
win7-20230831-en
Malware Config
Extracted
xworm
180.ip.ply.gg:48892
QWgaicbZP6H1puz7
-
install_file
USB.exe
Targets
-
-
Target
winlogin.exe
-
Detect Xworm Payload
-
Drops startup file
-