General
-
Target
checker.exe
-
Size
84KB
-
Sample
240530-bw79wahf3x
-
MD5
b8da5a392ebefed4b9445d75f2f0073b
-
SHA1
7b8090b749a48ae5cc54c69f98ab3ec80e5db6d2
-
SHA256
442d059b587fe5bbe2177d96960040e5e9988565536829b8ad2a4019824cce44
-
SHA512
1d44dcc131402513f231db514796f0e9280e3f173fbc0369a517c7104127f8ead0bcea1a00eaf4a2aacc7ed21bfdb025ba6087a0fdd50848ae75e9ccd0248e0f
-
SSDEEP
1536:yw4CEgXnzFM8CUxcPwKwZJG+bWfrZ+QlzWmO/hZaeSMEFpETk:VFXn1noOrG+bWf1zHOpZaeFEFpYk
Behavioral task
behavioral1
Sample
checker.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
xworm
127.0.0.1:1111
tel-form.gl.at.ply.gg:1111
-
Install_directory
%AppData%
-
install_file
discord.exe
Targets
-
-
Target
checker.exe
-
Size
84KB
-
MD5
b8da5a392ebefed4b9445d75f2f0073b
-
SHA1
7b8090b749a48ae5cc54c69f98ab3ec80e5db6d2
-
SHA256
442d059b587fe5bbe2177d96960040e5e9988565536829b8ad2a4019824cce44
-
SHA512
1d44dcc131402513f231db514796f0e9280e3f173fbc0369a517c7104127f8ead0bcea1a00eaf4a2aacc7ed21bfdb025ba6087a0fdd50848ae75e9ccd0248e0f
-
SSDEEP
1536:yw4CEgXnzFM8CUxcPwKwZJG+bWfrZ+QlzWmO/hZaeSMEFpETk:VFXn1noOrG+bWf1zHOpZaeFEFpYk
Score10/10-
Detect Xworm Payload
-
Drops startup file
-
Adds Run key to start application
-