General
Target: e9979aba53e093880b16e00fab4f130ab499e456d3f7d7beb60bb5e5be605299
Size: 73KB
Sample: 240402-j9rhaacb97
MD5: 47e5cc1aa9e86b8210a3e27398c443cf
SHA1: c8d789c9e2e8f9482ab5aa8d42e08cd1e689461b
SHA256: e9979aba53e093880b16e00fab4f130ab499e456d3f7d7beb60bb5e5be605299
SHA512: b7e10130ff7c5493df2006bcc7a4be1f6e8a076bbfd50e713434fdbe0f2d08b0fbc12e40dc16e40612e53d95b0f12139ab72c454ca46f0184619e1c5b537152f
SSDEEP: 1536:sdXTyqhZinU/VF2unE7boFucccni6j2SO0SBKXH1RSGt:sdjlin2VkIE7booSn2SO0Z1Jt
Behavioral task: behavioral1
Sample: e9979aba53e093880b16e00fab4f130ab499e456d3f7d7beb60bb5e5be605299.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
xworm
Install_directory: %Temp%
install_file: dllhost.exe
pastebin_url: https://pastebin.com/raw/DCDbfnXJ
Targets
Detect Xworm Payload

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.