Overview

overview

10

Static

static

10

2704-41-0x...ry.exe

windows7-x64

2704-41-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2704-41-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    6fc6fa2d327da72caf801a5d45506e98

  • SHA1

    d66ca6bb027443308134b6816bbfd575340c62b8

  • SHA256

    5114eaa5cf487b75d4af71173e8f7a18477bbacf542201bc492a6cbb4a0e8770

  • SHA512

    700e9389278c6b62afac5f0dd2512e1b53dbc4a7daa13ffd109a6aa63cb5ec28a5fec0dda67a5b8ac99ad0bbce741fd28641c94b2d4d60153865602605dafd23

  • SSDEEP

    384:cF0PB7HEDNXyez/cQ/mnIwluAY7zuPggBKx493yBtrLaWGPjxLCPOnsSZwHGRWRL:fP16NXxhxj7zgbKd3ytRRRV2

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

67.213.221.11:2554

Mutex

Psp7o2vHyPCGxsO7

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2704-41-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections