General
Target: dialer.exe
Size: 94KB
Sample: 240402-3yfq7ahe75
MD5: e4db823f266abb120b760bffaec78d95
SHA1: 40c0f9623c39e861ff311099fff51d81c1a69a6d
SHA256: 3fbed3a0080009501a255159612279862317d24416669dc462692d41e4b454f7
SHA512: 999c32e9942bb6287e569f8a947bedacf98cc7d8b37e06958f53e3ceb084d2cee5d3ebd305311a8688a2d271a311acb861912345fe3e879275b1314fe76c981a
SSDEEP: 768:sOtuLVuX57Pa4DNXYZTXJXHRr9Lx9Q5iPmhLOn1gXWNpJeYN/ZTrOYwj+byQuqqd:ju5MZrIhl3x9QN1OCXt
Behavioral task: behavioral1
Sample: dialer.exe
Resource: win7-20240221-en
Malware Config
Extracted
xworm
147.185.221.18:28789
tIJTJ8J61equspRr
install_file: USB.exe
Targets
Detect Xworm Payload
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.