Overview

overview

10

Static

static

10

1976-11-0x...ry.exe

windows7-x64

1976-11-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1976-11-0x00000000009D0000-0x00000000009FE000-memory.dmp

  • Size

    184KB

  • MD5

    10b030a439dedc4b473dd6f15e2e1670

  • SHA1

    3474324dfed265a579e55417ad59bcb823adfc9f

  • SHA256

    3dc539c9737d32b815cfde9bac1bd0449d071b9cc9cd0176e88eadd6d162dc6e

  • SHA512

    70948c75ff33111b91ea6f975c74373808be4ad89285e690cc5467fd94c578fb6e71172521d6aebf09fc2b18f7d82cf172e5dda2cf5092d4cafcdd82a4352714

  • SSDEEP

    3072:U6jqI2Jg4s9/5bz1C7BvhoqIOWWrJEWZO4Jg4s9/5bz1C7BvT+QqIOWWr9H:WIiA/5bJC1ja+A/5bJC1UN

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

Attributes
  • Install_directory

    %ProgramData%

  • telegram

    https://api.telegram.org/bot6268868985:AAH9dZaP5ho85P3BVfYfThYVShyDLP_r9BU

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1976-11-0x00000000009D0000-0x00000000009FE000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections