Overview

overview

10

Static

static

10

3752-9-0x0...ry.exe

windows7-x64

3752-9-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    3752-9-0x0000000000400000-0x0000000000470000-memory.dmp

  • Size

    448KB

  • MD5

    e485e62d21c78e14eb467b2241857ebb

  • SHA1

    8b32502a6e29ad593e70b3dbc909dc9e8c48da65

  • SHA256

    e9b3a5e4c4ad3713b59bf703c92958a96e34ee0eb7c9b098356a6e7a448456dd

  • SHA512

    d056340b2a715e3f2f330c937c47bbe238c771680bde66aee4609ae95d99ff8e509dab3e49eb634d77301c24a77c9bb85e24325377559adc74209aa204221a04

  • SSDEEP

    1536:dl2Xl36xWmBcZ3R2bZfIa4bEDXIsRSo6MDO4ux7pr94Z96:dlJBcJOv4byXIgOj7Z94ZE

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

C2

172.111.138.90:2221

Attributes
  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3752-9-0x0000000000400000-0x0000000000470000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections