General

  • Target

    2020-3-0x00000190E7350000-0x00000190E735E000-memory.dmp

  • Size

    56KB

  • MD5

    e3717d75cd2ed739b883a0bd421e5114

  • SHA1

    197f869ce3cf138e1ed0fb22810f4f5ec6228cf5

  • SHA256

    01233a0a7786cb055ce04c3a3c819ef360cc518801b894dacc4fc4d78cfc9787

  • SHA512

    e59b7b8dacec5398b9229e2ef046d4e7cbb1ace52f94fc13d30b5697e10ac036ba26f656b5bea879d8e45fc6e10a6884b54d19a8648214b5ba5f09ca70333991

  • SSDEEP

    1536:cDGkptwyZScCkU4rqUXZcB5+tQF59ioO9AH:mGUXFyF59ioO9+

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

freshinxworm.ddns.net:7000

7000:1234

Mutex

pX3t5E93mWOIWMg1

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2020-3-0x00000190E7350000-0x00000190E735E000-memory.dmp
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

