General
-
Target
848411659aa8dfc757a3f4a889ed7c2b7f2c0e78c119bec00cd31bf32925bcc7
-
Size
225KB
-
Sample
240521-ay8srach71
-
MD5
caba3480869729c3082340ab4ce4dfc0
-
SHA1
452e7dbd1aae2ede9d989b9018af83185e27097b
-
SHA256
848411659aa8dfc757a3f4a889ed7c2b7f2c0e78c119bec00cd31bf32925bcc7
-
SHA512
a08ba586dc9f804dc8afaff992ddc7c8af66acbaedaaeb0bbae36d8b0c96e788e7c747633d6aa345097831db146d5708e56ccfdf2287e9e9baf9b9966a256791
-
SSDEEP
6144:cqrGcKnbsH9UhcX7elbKTua9bfF/H9d9n:cJcRH93X3u+
Behavioral task
behavioral1
Sample
848411659aa8dfc757a3f4a889ed7c2b7f2c0e78c119bec00cd31bf32925bcc7.exe
Resource
win7-20240220-en
Malware Config
Extracted
xworm
key-metro.gl.at.ply.gg:53838
-
install_file
USB.exe
Targets
-
-
Target
848411659aa8dfc757a3f4a889ed7c2b7f2c0e78c119bec00cd31bf32925bcc7
-
Detect Xworm Payload
-
Detects Windows executables referencing non-Windows User-Agents
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-