General
-
Target
1924-19-0x0000000000400000-0x0000000000410000-memory.dmp
-
Size
64KB
-
MD5
12f86d6a803ae8a5c3aeccf46efb7c6b
-
SHA1
e7efd34cccfae7f68a5b59933ef7ccd641ca68da
-
SHA256
298fd234381e8f7067e1ab466986e70c6acdf96e87f3e0010d5394173a8322a5
-
SHA512
1256e48a7b8575a33deea528cfd617eb28829f790f9c97d1dbe8d595d94fbfd70afbca36a513b5d84b239e5012482ae956de51ae1df5f554e4d89387092f256a
-
SSDEEP
768:6GLtt3QI2/yQJVZU1eo8icH3WbFb9Y2aVOMhPQrvz:6Ab3QI2/yQBIeNicH3SFb9YDOMNCz
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
dav12221.duckdns.org:7000
Mutex
VnoSv30JNEHEbKof
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1924-19-0x0000000000400000-0x0000000000410000-memory.dmp
Headers
Sections