General

  • Target

    2524-15-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    bb20afea5dcf5cd72140ef067e6b3fdf

  • SHA1

    2bae737fb8ef35c418bc20b1d1638610cf02cc4a

  • SHA256

    300986ac84783e76b53e308b7d007a0440125722126c6100bbadda8df34940ca

  • SHA512

    fc7c4936f4f87d571db8c01fc27d13b234a40e3d2d689cde911d8d04acc5397a699f99aaad9b75d59912526b43fd70d040e670f2cec8f9ac876a74022d478592

  • SSDEEP

    768:iGKpLv/M4znfLyWR0Ep/9798L/4aBFo9BiO3htOYu:Iv/M4znfLAIj8LwQFo9BiO3P

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

191.101.130.18:8252

Mutex

QjEV8RvoMfefc5wG

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2524-15-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86

