Overview

overview

10

Static

static

10

872-1125-0...ry.exe

windows7-x64

872-1125-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    872-1125-0x0000000000400000-0x0000000000414000-memory.dmp

  • Size

    80KB

  • MD5

    43ecde114e84793e1bfb7bee2900513f

  • SHA1

    4ef1b506d0024f877b26e5e1fe7798576bde45cd

  • SHA256

    305a83d21275e3bd12f2915b420dbded79cee9518ec95b4282835eaf066ebe36

  • SHA512

    402f19dbce07ed5a8ff17844417f550f05cd3db522f01b551883fc29d3ac9d41a234bda76446db25bb1fff51364c1c1d7e545809dec18fbeef5d552fa010d158

  • SSDEEP

    1536:J4thbJmy01xNpTTys5vbaWST4jlwOOgB:a+x//ys5vbaW/jlwOO8

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

C2

gamemodz.duckdns.org:7000

Attributes
  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 872-1125-0x0000000000400000-0x0000000000414000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections