General

  • Target

    2632-19-0x0000000000400000-0x000000000040E000-memory.dmp

  • Size

    56KB

  • MD5

    e7ccb675ade035c2e6dc8933ecee4351

  • SHA1

    6699c0b42f5923075d6f9dee73c27b378d57874b

  • SHA256

    8062f59c5368bdc106aed12e2df30260d0807a27760497b54c5ed71c2a6498dc

  • SHA512

    a4f8ddd1bcbd9b19fa3b95117f90e13ef0e4ab1384b4cf88c243946775d6796ec8cf0aef4d8ae5180e5924ea8a5a1fca456d8110dd5737649afee8c0b7951d8c

  • SSDEEP

    384:w7wTA+5OfPgEBQqWvfcQLZe3sw0hYACSqRDP/Q2uRugtFuBLTIOZw/WVnvn9IkVi:irgECfLHwMYAoRDPI2uBFE9RzOqhQb

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

chikes17.duckdns.org:7000

Mutex

JU8kX1cZxdKHfS72

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2632-19-0x0000000000400000-0x000000000040E000-memory.dmp
    .exe windows:4 windows x86

