Overview

overview

10

Static

static

10

2788-15-0x...ry.exe

windows7-x64

2788-15-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2788-15-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    84e12267c3eaf6133847e478de68632d

  • SHA1

    71c89d3bd045c56b805d9e55ec8cb7672aa8df88

  • SHA256

    5f63c8eaf469a8bae934ec7be642505f711553f6fdfa5f501612f000b7718656

  • SHA512

    96002f4289fe6d0cfd38dce582ea70c1e9aa46c6e69e39f99c03d1f95740319db338abd006f34019611ac680179be26640fb694a341da3dd80ce6918eb62ccd6

  • SSDEEP

    768:pUw9W9heo4QMRpE17O59DGObNLFf9dP4OuhKyr3W:f89heTK1infRFf9dP4Ou8

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

C2

191.101.130.18:8252

Mutex

9DiMa559vRsnPK3A

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2788-15-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows:4 windows x86


    Headers

    Sections