Overview

overview

10

Static

static

10

3712-137-0...ry.exe

windows7-x64

3712-137-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    3712-137-0x0000000000400000-0x000000000040E000-memory.dmp

  • Size

    56KB

  • MD5

    5f0816a5fcd9b521beeaae385ba3593b

  • SHA1

    dec76824986d7d23370e729b626e07e20040e234

  • SHA256

    4a13f0bb848223f87736c1e541447187729ba18f7589cb0386ac3a5240e604cb

  • SHA512

    7d41bd76027b0aeb03130e78dcda291c564a0cabcd423277fed445dc375c3f2e79d108b8baedcb1bd9b709bbd058a7555ccd41f87f19f7720f58e0c52bc6c841

  • SSDEEP

    1536:ZDGkptwyZScCkU4rAUsZcB5ZHF592OO9eT:PkUsIF592OO9g

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

C2

xwormpeople.duckdns.org:7000

Mutex

lqHiCcisdZrYRJnL

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3712-137-0x0000000000400000-0x000000000040E000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections