General
-
Target
2024-05-26_7f703e6f99853dbb7b04afb02ce395e0_hiddentear
-
Size
140KB
-
Sample
240526-bz3tkaab3t
-
MD5
7f703e6f99853dbb7b04afb02ce395e0
-
SHA1
76908967e8162705d68336ab6635818d3834b314
-
SHA256
7fc20144378247008ef665d5e660c2cb5a3ef3498b4536447ffb26b852d553b1
-
SHA512
6478c45d3f4d9cfac080504d3200bff334265b988d3ae9075605be5a4b1d56ebcde7e528d0c6eb965fca192a73e0ecfedd36140e76922989f29aeec2ad12646b
-
SSDEEP
3072:+nJUFq9i2Os8M+lmsolAIrRuw+mqv9j1MWLQe:+JOq97+lDAA
Behavioral task
behavioral1
Sample
2024-05-26_7f703e6f99853dbb7b04afb02ce395e0_hiddentear.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-05-26_7f703e6f99853dbb7b04afb02ce395e0_hiddentear.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
xworm
3.1
45.81.150.172:7000
6n3Jhpot6p61GoJO
-
Install_directory
%AppData%
-
install_file
USB.exe
Targets
-
-
Target
2024-05-26_7f703e6f99853dbb7b04afb02ce395e0_hiddentear
-
Score
10/10
-
Detect Xworm Payload
-
Detects Windows executables referencing non-Windows User-Agents
-
Detects executables using Telegram Chat Bot
-
Drops startup file
-
Adds Run key to start application
-