General
-
Target
Incognito_Guard.exe
-
Size
226KB
-
Sample
240419-2lc9vsac6w
-
MD5
04f9824d91d8b0159a6cba62d26b960e
-
SHA1
24b6adcc3091a55f86535846bb14536a72fd5c33
-
SHA256
7bf3e990a0d0ea340b96823804454e2e0244dc23e5224d10fc53eaa5a979ce22
-
SHA512
bc009927d751b559d627fad8d982fc9a5ad754ea620dd64d6995fc6bc03254b04bf8208e6f2b8be7322133afadf81344aa6aed81cc2e66c84828c5109ffc11c1
-
SSDEEP
1536:D0+Q46x9zWkbh+RaAwjVBOKLYIyJ4EqXaYcuoF:DWD6kbhEsDOK/EqXDcV
Behavioral task
behavioral1
Sample
Incognito_Guard.exe
Resource
win10-20240404-en
Malware Config
Extracted
xworm
exchange-extends.gl.at.ply.gg:31120
-
install_file
USB.exe
Targets
-
Target
Incognito_Guard.exe
-
Score
10/10
-
Detect Xworm Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Sets desktop wallpaper using registry
-