General
-
Target
840-55-0x00000000002F0000-0x0000000000302000-memory.dmp
-
Size
72KB
-
MD5
a82bb61f0413f87660d403ecd0723120
-
SHA1
69d17896f999351dd514869c805b159f52180e6e
-
SHA256
4f0db2b97e6f8e6238d3db50ea55b37fd06a35680c0aef6176491bd0b0c01d62
-
SHA512
a0928176e7d7b22786bf7df2ed6da7327eb226f7a5eb13c184f7591ca66acd808c7e4677d8282241f6ad678fe292fc967b933fe1a89fa99a7fd1b40c5b3f5fcf
-
SSDEEP
768:WnXZJGJpevpCtGcdNrI5bP+UGdQYeyjlO93aanNQdjh1:WX/+UpCpbE5bifDQ3XMjh1
Score
10/10
Malware Config
Extracted
Family
xworm
C2
62.171.178.45:7000
Mutex
tDbp1EmAkvM7wf10
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
840-55-0x00000000002F0000-0x0000000000302000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections