General
-
Target
дая.exe
-
Size
48KB
-
Sample
240427-lwchbagg3t
-
MD5
3676b623e5da4a1676d00450577c7c93
-
SHA1
38110837810f9decec9009af26f4e3239f6b4325
-
SHA256
83ec4abcf9023717ce995a601a244c7c063249f5aff300d33167c93698c77cf1
-
SHA512
3aec75b8a749d3edc9c708f37ac2049b72e7b1e10252a1466afd5f2bec6e94a43972c0d897858b25233fce0a3893986a68d14707c3ecb6708bfda8dd006fe3d1
-
SSDEEP
768:5jnKV+3greh5nVK6QgAhOWfapF/9juGx67OMh/LBSds4S1EAd8IIph:5j1greXF1AhLeF/96667OMFkdS1EAd8f
Behavioral task
behavioral1
Sample
дая.exe
Resource
win7-20240220-en
Malware Config
Extracted
xworm
5.0
court-floral.gl.at.ply.gg:37873
3oKTJOAH16fBXKAk
-
install_file
USB.exe
Targets
-
Target
дая.exe
-
Detect Xworm Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-