Overview

overview

10

Static

static

10

1564-44-0x...ry.exe

windows7-x64

1564-44-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1564-44-0x0000000000400000-0x000000000040E000-memory.dmp

  • Size

    56KB

  • MD5

    3d2db3e39f527f4ce17305deed0e61ae

  • SHA1

    be26a8b8e6469f5ac8dc173892f3a2e4ef69c0d5

  • SHA256

    339ae7fdd41728f6c6a1e4e78a8655c6e4d0a0de2085d5ad0c3c67336ffea5aa

  • SHA512

    aa1a7bd4589ac2e7632ce6b19cb9b5b4bf87dd6be97d356002d157ea553caddf1377ab180def7a5bfdc3017709ad3b5c388de6705060e6c92840e69d95f9949e

  • SSDEEP

    768:SUa+vNshO8q8WoxVJt76JRVFr9jxOjhWb:5vN4dR97SDFr9jxOj8

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

httpss.ddns.net:99

Mutex

qinaw9YeuAb7oGHf

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1564-44-0x0000000000400000-0x000000000040E000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections