General
-
Target
2200-125-0x0000000000A60000-0x0000000000A70000-memory.dmp
-
Size
64KB
-
MD5
671df82f00fe73e5740fb996b8eab81f
-
SHA1
6b6287cf1f0f46e5d83c8e01e0f75a8051120c1e
-
SHA256
782912903060810f29a9896d2e2242a5d6d0abf82cb2b4aed4dd57ac5046fa7d
-
SHA512
49caf818e778e1a75fefb05e5339135a179e7f303607c90b813671c0ed2d06ac6c1480414dc35f8241c0eb83d8de0ea79bf84083d21e4f6cecfa60b4b9b546ac
-
SSDEEP
384:uSN23Pm/eWqbeve8XRqwzfEhXtT+VOzPzshKKx493yBtrLaNP9/yP8yLC8BsSZwm:VNKPm/eWuFQf2ogz9KdgP9/OS2xRHtH
Score
10/10
Malware Config
Extracted
Family
xworm
C2
102.165.14.26:5007
Mutex
bOVQxHmcqdPEzZOw
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2200-125-0x0000000000A60000-0x0000000000A70000-memory.dmp
Headers
Sections