General
Target: fb5090ca9f961f02946ef0d3d5b8646f.bin
Size: 100KB
Sample: 240420-cf9y7see6v
MD5: ab420c1864dd1f1af8053453103a430b
SHA1: 995c7ece0d15c6b369cc00c458ea0abcec6facda
SHA256: 8ad39f1dae1db39c58ed2f65b3de79f9af45cda912d298fcc87ab2c961845400
SHA512: 31ba73196a3cb770aa7d37ef3f542b84363801e90389b3a9d2939824962dd1d12de39300c62e8d8b4f519f0d072136d507d1dbf86656fa983e62484a328e2052
SSDEEP: 3072:6S3DM02gtLQWQBOdvptodRnIglMb45tiX:6S3DrtLQWtBp2dRIglW+E
Static task: static1
Behavioral task: behavioral1
Sample: 01f12f8f773c8b1b9aceaa069f261d2f1a768e969664e206fe8d84d06f028a27.exe
Resource: win7-20240221-en
Malware Config
Extracted
xworm
3.1
204.44.127.158:7000
JvU2pJlIbAiyvvJH
install_file: USB.exe
Targets
Target: 01f12f8f773c8b1b9aceaa069f261d2f1a768e969664e206fe8d84d06f028a27.exe
Size: 129KB
MD5: fb5090ca9f961f02946ef0d3d5b8646f
SHA1: eca31336c606d655506c7d382d882ca5edc70c79
SHA256: 01f12f8f773c8b1b9aceaa069f261d2f1a768e969664e206fe8d84d06f028a27
SHA512: 7ffd92a98b06de39b2299fb7717e62f60355cbcf922bbc435adbba0fe2dacf6abda459e7a64dc2d672d32f998bb090f46d300bdbb648996b175941d31d736ef0
SSDEEP: 1536:keNuXrNMfAUWFMN9QrzY4M+d8iQTWd0uj9/SbSFCSsWmfqM3TT3Ru35M:keeNM5zN9gY4M5TFIcmHs3CsXUm
Detect Xworm Payload
Suspicious use of SetThreadContext