Overview

overview

10

Static

static

10

2240-38-0x...ry.exe

windows7-x64

10

2240-38-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2240-38-0x0000000005470000-0x000000000548C000-memory.dmp

  • Size

    112KB

  • MD5

    0118f3ff53ae71b79dd857243433b469

  • SHA1

    cb3207c4cf1b97ec5f3412855ccab55361f9eba2

  • SHA256

    c56430691d7b47f332bd41859fa6dc11021b269060790c2a02d04333475596f4

  • SHA512

    ed8fcc3ae697a7af0d4b84d5fc9e5feffa3ea09fa6ae617446ca3d6125a7ffada45d93f3816a3f1bc4be493ae1876c56a7993f61f901931ade25a1d53b2247c0

  • SSDEEP

    1536:Wulyi0HlkpuyRtmlBOBG7ek8wEu2b5pDv8yi99FUoaER8:dyi0HlkA+EBOB2e0T2b5pm99FRzq

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

C2

193.161.193.99:24049

Mutex

Fhc0AfR5IWfrpo3r

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2240-38-0x0000000005470000-0x000000000548C000-memory.dmp
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections