General

  • Target

    2404-21-0x0000000000400000-0x0000000000416000-memory.dmp

  • Size

    88KB

  • MD5

    1093c59c5a9885bf5da15e2df2687a72

  • SHA1

    4cff8d0d51b806d0b5abe96e0590b54ec1dc3f53

  • SHA256

    36c93aa5fbae29efd6dcbc222c0f225f95601f19307fd39871967edc854dc94e

  • SHA512

    3fc2084a5cbe428bb51a9bd23599c03b886303f81d1b4bf01ce61bf590b82341fce802af9235082e1a6bdbb812a846f1d0a0b0f4565f7d55a146c627b6ce0aff

  • SSDEEP

    1536:d8Cr2NyOTl3qDA6UYLVbEIls+jpyPeBtO9AgX:OuiZYVUYLVbEyJjtfO9AgX

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

zafa02.hopto.org:4444

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2404-21-0x0000000000400000-0x0000000000416000-memory.dmp
    .exe windows:4 windows x86 arch:x86

