General
-
Target
2608-27-0x0000000000400000-0x000000000040E000-memory.dmp
-
Size
56KB
-
MD5
7feb7c989bf215040cd8c5bbcd616bde
-
SHA1
d5bb9d4a7be0b6cc1f04496dedf83ab2d7320a4d
-
SHA256
c17a6ccf9945eeda565201f3b343390d489db5aa43bb013b6a113fde85c118e0
-
SHA512
c525c578d5fcebd99719619b20cb5d142835eba87aa847b88f2cca789773b321e4f69a06ee5bf3e40b53f413ef21888c635e280356caeda96868704d1e4e241e
-
SSDEEP
768:V+CD9JxV5zlMMyoxVJt76RRVFr9jFGOjhmb:Vh9h5J997iDFr9jFGOjc
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
newpossibility.duckdns.org:3232
Mutex
1rCD91PzSjeS5616
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2608-27-0x0000000000400000-0x000000000040E000-memory.dmp
Headers
Sections