General
Target: janxwor39090.exe
Size: 35KB
Sample: 240212-x7hz1sbb5x
MD5: d0ae55e5bf52296ac522d8d2acaeb933
SHA1: bb15b9ebcfaefa5aff4eeed1899def45e3a7b21f
SHA256: 552cfe1d324eabb78511924dbbbf870fe10fe742d88a708f0012f47091ec04a6
SHA512: 3b66345dcd998bcfc67ca02be70224b6dfa63023548bfaa482a38b81d2bc551999867d14e3c7b9281e87c4c7433f685854768279128f1af07e675b8a3de640f5
SSDEEP: 384:wgg9j00WbqxAMTayV5N+5maFZZL3aHpJm3/KNm0ns0VgtFMAmNLToZw/RZCvK9IX:yB4QBTOl3aC3CNUVFQ92g7OMhUuvlE
Behavioral task
behavioral1
Sample: janxwor39090.exe
Resource: win7-20231215-en
Malware Config
Extracted
xworm
3.1
janxworm9090.duckdns.org:9090
Xa2HMWUMGteOPIQ2
Install_directory: %AppData%
install_file: USB.exe
Targets
Target: janxwor39090.exe
Detect Xworm Payload
Drops startup file