General
-
Target
23f99e31031b05b09b4f01c05fbe24f9ddc16110297016f9359116b194724065
-
Size
10.5MB
-
Sample
240314-kqlncsfc91
-
MD5
ca63d146b2c5f1c9f259c571981e4b79
-
SHA1
49b00c1c3e30451bb2ed7e4968f5bf49de884a50
-
SHA256
23f99e31031b05b09b4f01c05fbe24f9ddc16110297016f9359116b194724065
-
SHA512
1b759eb0debeb3898980a349484e762c3a3f53378b625557640f34ae3b85926c9f78ce1e08aad76af3c2691043ff6333b00e0622e60d8b712097efef27dd5560
-
SSDEEP
49152:626x5gXqU+BYevUmXfOSOlYUxHHfhLBOblwysVsuiuph9O:c
Static task
static1
Behavioral task
behavioral1
Sample
23f99e31031b05b09b4f01c05fbe24f9ddc16110297016f9359116b194724065.ps1
Resource
win7-20240221-en
Malware Config
Extracted
xworm
5.0
91.92.251.195:7000
auk38otQ7xik0zRg
-
install_file
USB.exe
Targets
-
-
Target
23f99e31031b05b09b4f01c05fbe24f9ddc16110297016f9359116b194724065
Detect Xworm Payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-