General
-
Target
Nurik.exe
-
Size
56KB
-
Sample
240427-mntbjahd5x
-
MD5
cff83017173b31b0c7caa9237dd48e0b
-
SHA1
01a3c20961abfea0df5c4731a50298b97219c228
-
SHA256
74895a9bc0944ab851171983ae28e43c7da4f0ae22275d9b2d381d748020c27b
-
SHA512
5f5f7e7b90a428bbab7836e10ecd6626fc1fbc592ef1a068cb91a69ca97e1d93d8443e36689505efa1a96987c1d7a87ad595bd662242179d479af410645bac10
-
SSDEEP
1536:t8xdrJSsvQCb7RTkMeLQ+bV889z+ACOe00/:kd9SedZkr8+bV9zDCOeR/
Behavioral task
behavioral1
Sample
Nurik.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Nurik.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
xworm
127.0.0.1:6522
5.39.43.50:6522
-
Install_directory
%AppData%
-
install_file
XClient.exe
Targets
Target
Nurik.exe
-
Score
10/10
-
Detect Xworm Payload
-
Drops startup file
-
Adds Run key to start application
-