General
-
Target
1416-4792-0x0000000000400000-0x0000000000414000-memory.dmp
-
Size
80KB
-
MD5
4e293aab8bc657ac62053ece134de53e
-
SHA1
66f987c81a3dde576f66a0742371809b7c14e426
-
SHA256
319e2730b803f832bb011fd98ad8d0f9327bd3cda6f5c82fbdc711112db82a7a
-
SHA512
a71b222bbed3e163663a6de7a5173a10f366207c604b934bc3c1f71261b4e1836d49c7bb2c54d4251dbdf156ac8bb85526f7d09c42d6a72bbf158a7a84059588
-
SSDEEP
768:WTTa8vHhkgSMN2XfYLTk99xfIMQbFAVUk2y/m6iRvOahi8qNI:WTmuHSeNyqe9x4bFAVUk1TUOas9I
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
gamemodz.duckdns.org:7000
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1416-4792-0x0000000000400000-0x0000000000414000-memory.dmp
Headers
Sections