General
- Target: NET.exe
- Size: 5.9MB
- Sample: 240329-b9ngmaed71
- MD5: 334b84a0d53a75c0b254df1e9fda5d89
- SHA1: cddcb55bc44607864145acd4a80d7ef2b6e3892a
- SHA256: 6f1c1405ca37e3fece451132b8b2f65164fd67c5dc3005588f7850fba0b07cea
- SHA512: 2f4728a75661823333d4b6d6621c2c99566f4dd4dd00acf318b30b278b38b5437debb1386972d0f8927e8094c7f3139a7304a9eeead787fa619ee0a383a142e8
- SSDEEP: 98304:AMtj/BJbGYE+HNbBeA6Na/9rXSFZH9NBAT/xQhPJi4T8UmSh0rqggkX:b/DJeGhX8a/xGxi4gUmSh0mgj
Static task: static1
Behavioral task: behavioral1
Sample: NET.exe
Resource: win11-20240319-en
Malware Config
Extracted
xworm
94.6.233.124:1707
- Install_directory: %Temp%
- install_file: GG.exe
Targets
- Target: NET.exe
Score: 10/10
- Detect Xworm Payload
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application