General

  • Target

    2036-11-0x0000000000400000-0x0000000000418000-memory.dmp

  • Size

    96KB

  • MD5

    51b38fed2f16926c49f699635861fef8

  • SHA1

    5fa458c4237eeb3c06104e0bcf3142a86c66566e

  • SHA256

    dcaa3de8bd32d1965f0198e3ded41e5fcbd667c11366ee5542170342c14dcd60

  • SHA512

    33d5f3ae032e67d5850d856604613f6127ea355e941da8fc94915adb79ddd48ffb7d0172f4af7b29b807bd4b7d27d502ae35e0587b7caf009684b3bcdc4c5106

  • SSDEEP

    1536:byhyrVopumSUFyDa6Y7H+bix81c3YSMb6eOJ832:+5pzbyQr+bC8wYROJA

Score
10/10

Malware Config

Extracted

Family

xworm

C2

104.250.180.178:7061

Attributes
  • Install_directory

    %AppData%

  • install_file

    XWorm V5.2 Optimized.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2036-11-0x0000000000400000-0x0000000000418000-memory.dmp
    .exe windows:4 windows x86 arch:x86

