Overview

overview

10

Static

static

10

2092-27-0x...ry.exe

windows7-x64

2092-27-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2092-27-0x0000000000400000-0x000000000040E000-memory.dmp

  • Size

    56KB

  • MD5

    3e555263ba7e50ce290ec81ba4318f84

  • SHA1

    568ae874f857be76a16290bba712695baa638e17

  • SHA256

    886d3faf6550fd16ccf99252539701b33c45610f92d894eff41abcf265b64e50

  • SHA512

    2515a3bc88ceeb9fbb322156ecdb9d8d149303dcd0a57f718734cd3d1a20da48fcbcb09b23bc62362a95eedb02f1bca7ef97d44afe0eaa20b3b6cbd25ee6b5fe

  • SSDEEP

    768:tUa+vNohsXn42JiB70qVF49jJ2Ojh5bu:AvNohsn4WiR0QF49jJ2OjjS

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

79.110.49.133:5700

Mutex

Bg9JRZDpyEfXxrAy

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2092-27-0x0000000000400000-0x000000000040E000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections