General
-
Target
2532-37-0x00000000008F0000-0x0000000000900000-memory.dmp
-
Size
64KB
-
MD5
db510cb175fcf5ecc6448d7dd65cf76c
-
SHA1
4cfc3a820ebfeeb6b24dfbf9b10651101b562004
-
SHA256
4c4bebdc9c0b2abad995bf673a951c026586c12ff8b0d84628757918010bf3b8
-
SHA512
0693c6b192cd19dabf694df8603e499dcbfac9fa321b2c5b6fb7b250301a92af12c3dfad32341f064dbaf1cf88c4ecda160ed10a30bf12b8e36f030d690c9f4b
-
SSDEEP
768:5ljZKr5jjjx2cJhvrEtzKm6w2Fo9eNO+hUi+F:LjZKrN0cJ5EVb6DFo9eNO+2LF
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
83.149.101.223:6756
Mutex
4hmtV7mKoc9mZ7KY
Attributes
-
Install_directory
%AppData%
-
install_file
SecurityHealthSystray.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2532-37-0x00000000008F0000-0x0000000000900000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections