General

  • Target

    2488-15-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    022717abcc8afa1bf8a6b5c2fd05bc31

  • SHA1

    2d98b624c63ee151af44db1d2ec2b8b1cda86110

  • SHA256

    802a0dbb487dc07b07020e973af8497ca5b3524fd6b49e32be6faa69ac0d8d29

  • SHA512

    a8733e00da7713866cb4aa691c77292aad2a681dc128aed15a3b941ef18b19ceb5a0d7acdf07343d5e22273b02372db90b5976644f8bfc4d2c0cc72d921cb422

  • SSDEEP

    768:pUw9W9heo4QMRpE17O59DGObNLFf9dP4OuhKyr3WW:f89heTK1infRFf9dP4Ou8I

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

191.101.130.18:8252

Mutex

9DiMa559vRsnPK3A

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2488-15-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows:4 windows x86

