Overview

overview

10

Static

static

10

4828-44-0x...ry.exe

windows7-x64

4828-44-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4828-44-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    c44daba4a2eafc21b609bb3295c4ad2e

  • SHA1

    2703549b2c3a45280d8ed801967b995b642b1225

  • SHA256

    b2bef8257d1731ec57af82bd9ee3b12ed81c6635f95633243668749f3267d065

  • SHA512

    a899874acd0cb152db3a0cb5201465631ad300d7183768888cd1b5d0db9234daa7213d9faae2c31f27dd8918dc615214f2add75fbda3d94007d0c3f19bc34495

  • SSDEEP

    768:NyfuON2F8DwO/hKXf/qkbht83qFS9xM6OO+h1FDJ:QmON2FvehKXv/FS9xM6OO+vP

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

103.78.0.137:5151

Mutex

dK3Ts1K6YgDeZRUF

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4828-44-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections