General
-
Target
3832-323-0x0000000032090000-0x00000000320AE000-memory.dmp
-
Size
120KB
-
MD5
79d7cac0e769c1df48bcfe53f623ea90
-
SHA1
a9c8f9fd12d19e16352389cfb0ad3cdbea467bba
-
SHA256
4577f3e1484042388483215cc9297b08bf8fb4712325e82bbf670778be55b18a
-
SHA512
948fc8a7f2ed077d62f35e026750f173ede70f161c52a1be169f7f4e9c101765c9f743b7690d354241e272f6b9408027ab86cd9c6c584939ba3fe3db6aed102e
-
SSDEEP
1536:kP1JCbzfwNlzoERIJSp724CBbQXcaFf9TUFLiua7:kP1J0s3oERVpjCBbQXF9TEOh
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
freshinxworm.ddns.net,secoundxwormm.ddns.net,2freshinxworm2.ddns.net:7000
Mutex
VKdHIe0njOPp7RZd
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3832-323-0x0000000032090000-0x00000000320AE000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections