nworm | 92c51c585672df9fc62a716c9e9e13bd1c5cea22bf0803a98442102af8a9eeea | Triage

Sharing

General

Target

ca8aae34beefb29525e8d94c02e00e6f
Size

11KB
Sample

231228-gxrleafhh4
MD5

ca8aae34beefb29525e8d94c02e00e6f
SHA1

aaddb87c71e8b39c2635887338614cf055ef6005
SHA256

92c51c585672df9fc62a716c9e9e13bd1c5cea22bf0803a98442102af8a9eeea
SHA512

1383d6a5deafa68666a932250954810fd069ae862cbf2a9fdea6022d32b7bc5a9b381ab8b4734b32c5f5edd753e1a641938e269a58b0c9635d7277b64cd7ce64
SSDEEP

192:bf0bT5u+V0G5j18okX/m5gpEwil94rmuvelyz0w8gxVNa:bMf5u+1jqXPEwq9462Mjw8gLN

Score

10^/10

nworm downloader worm

Malware Config

Extracted

Family

nworm

Version

v0.3.8

C2

publicvm.camdvr.org:1933

Mutex

9c719311

Targets

- Target
  
  ca8aae34beefb29525e8d94c02e00e6f
- Size
  
  11KB
- MD5
  
  ca8aae34beefb29525e8d94c02e00e6f
- SHA1
  
  aaddb87c71e8b39c2635887338614cf055ef6005
- SHA256
  
  92c51c585672df9fc62a716c9e9e13bd1c5cea22bf0803a98442102af8a9eeea
- SHA512
  
  1383d6a5deafa68666a932250954810fd069ae862cbf2a9fdea6022d32b7bc5a9b381ab8b4734b32c5f5edd753e1a641938e269a58b0c9635d7277b64cd7ce64
- SSDEEP
  
  192:bf0bT5u+V0G5j18okX/m5gpEwil94rmuvelyz0w8gxVNa:bMf5u+1jqXPEwq9462Mjw8gLN
Score

10^/10

nworm downloader worm
- NWorm
  A TrickBot module used to propagate to vulnerable domain controllers.
  worm downloader nworm
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

nwormdownloaderworm