General
Target: Krampus.cracked.exe
Size: 76KB
Sample: 240428-ncxegsef2z
MD5: 39a74d19195ac12e65a94be37b20380d
SHA1: b3ea43c70a5260d9be7dd62654537bb9fc689778
SHA256: 21a18975cf755bf51f0aa15bfb3b4a49d41606ca8a14c365cadb331c971668ac
SHA512: 09c96f1f2f02868c3a44b18d35441d9a4ca86c022807fe281c32e068681e0356d8c60ee737ce329fb1781b6051dbf50c125047fdbaafa4bf71da0c168f14a8f5
SSDEEP: 1536:vq8m13fpRwyaRUwh+gJ0BvPHw+bvQwVUs/GOpOKvMFF8:vqf5BGRg5Q+bvQYGMOKEw
Behavioral task: behavioral1
Sample: Krampus.cracked.exe
Resource: win11-20240426-en
Malware Config
Extracted
xworm
127.0.0.1:54211
Install_directory: %AppData%
install_file: XClient.exe
Targets
Target: Krampus.cracked.exe
Score: 10/10
Detect Xworm Payload
Drops startup file
Executes dropped EXE
Adds Run key to start application