Overview

overview

10

Static

static

10

2368-198-0...ry.exe

windows7-x64

2368-198-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2368-198-0x00000000004E0000-0x00000000004EE000-memory.dmp

  • Size

    56KB

  • MD5

    7305a26c3fc653dd420fb86aa0ff8500

  • SHA1

    0f366abf9ab1699ad0070fbd008e3e2d6973d97f

  • SHA256

    9b9f29497879e1bcfb2002f049ca56afb74fc035dc9e61f6efe2fb7c7cd699e5

  • SHA512

    1dc4f4581cfa64daa7cd2c2ec43918ee01203efef64242301d1edc134e10d247554b1fb836b7ff5038bd32cf5277153a44f5e463062244df909e858d4733dfbe

  • SSDEEP

    768:xUa+vNshO8q8UoxVJt76bRVFr9jxKOjhTbF:MvN4df978DFr9jxKOjlR

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

91.92.247.130:2423

Mutex

jNAItsLzlKCj7FUO

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2368-198-0x00000000004E0000-0x00000000004EE000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections