General

  • Target

    4344-14-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    9aa1c17657f8f7ca6873154723183eae

  • SHA1

    8a7647f21bf683a45f322a1313002ca41332b460

  • SHA256

    e824574780b47756e7a09e572d99345b366a1ccd6e97b11cc10d3cc9b25c8624

  • SHA512

    468c239e529b9726fda363f429a48ead4d4572f7c362524fb34a83c70021860eeeb07c5f9f4116e32984d180d3be9b238aba0177db1813e387bcd430f4be8f49

  • SSDEEP

    3072:IfkvwQFo9BiO3OfihtCm8H3v6VdDvmjP/RKCM7CQLmQw1rGdXeyby4qlG:Ifkvvo9z0CIyxql

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

191.101.130.18:8252

Mutex

QjEV8RvoMfefc5wG

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4344-14-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86

