General

  • Target

    wdadwadw.exe

  • Size

    66KB

  • Sample

    240329-ae6jaacc2z

  • MD5

    eb4649c1957e20407bb0ce0fb113f281

  • SHA1

    c74a92c165cb25cfe0b5d8450719ced0bc781c60

  • SHA256

    5df96dc50e5483c578a4f07a1c4a5c9ba0efaef1c47b4ee4363bb2f4f7e0483b

  • SHA512

    2d674e05f8cdf73ee4c10707b8f4dcf1980b104c34ed9b41ebd2c6d9a8a73e16b3e92797e652867cb737ebe16f0352a89f41b6391302df29866b77508ddb40b9

  • SSDEEP

    1536:i2kjkqIPmFlAc7EN/ZkbL3ch1RcnxOfBFV:i4VwATZkbLgsxOf5

Score
10/10

Malware Config

Extracted

Family

xworm

C2

94.6.233.124:5004:5004

Attributes
  • install_file

    USB.exe

Targets

    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.
