General
-
Target
dialer.exe
-
Size
94KB
-
Sample
240402-3xlk2she56
-
MD5
41d5ac1527ea7b6f3ff690ad1f12e1c9
-
SHA1
d7995b188569f98ae64bbd02a15306c081eb4ac2
-
SHA256
7d93c42d1e0fd4fdd3f0c1263869f526653d68ab92456c4f5b1b5e4dda30031c
-
SHA512
582c51a4aa4f73f8c415ac6f6c20d9ba2490bccd308b19bb4fe2173e4f2df8b523a9d513abf3976ad6a59bac89a69896836d0c3443b56de7d342c9e917f80059
-
SSDEEP
768:ROtuLVuX57Pa4DNXYZTXJXHRr9Lx9Q8iPmhLOx1gXINpJeYN/ZTrOYwj+byQuqqd:ku5MZrIhl3x9Q+1OQX7
Behavioral task
behavioral1
Sample
dialer.exe
Resource
win10-20240221-en
Behavioral task
behavioral2
Sample
dialer.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
xworm
147.185.221.18:28789
vqXaGr1XCmDkUDHQ
-
install_file
USB.exe
Targets
-
-
Target
dialer.exe
-
Detect Xworm Payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-