General
-
Target
1060-56-0x0000000000470000-0x0000000000482000-memory.dmp
-
Size
72KB
-
MD5
f49b2f4e058c46f41a07857c7d4d7850
-
SHA1
8ae97c96d9d679d8fc249e41de03b56161c1e167
-
SHA256
6303173a4434064170691470d1ff4b2b717799f5d5b6f3e74aab08318a91e3d3
-
SHA512
cf7de96bcf67cd0fc893d5805314afbdbff112cd49bf4e78f2e190ff75a1ed1fad98b9d617c91654fae4bc11b59f61987c12f883d9cd70440a507d3e2f7466dc
-
SSDEEP
768:UFcLBT2GaT2FXp2POsLyW0Wqp0rqQUfpFzbp80mYzMMkvbOfhEVnv:UcdFw2FX0dLaWqWrIzbp80JhUOfS
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
62.171.178.45:7000
Attributes
-
Install_directory
%Public%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1060-56-0x0000000000470000-0x0000000000482000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections