General
-
Target
b757b5a639337c598a63ecab69eee59d904bc34958dc3d0a26158f71b2f2779c
-
Size
184KB
-
Sample
240530-ckpttsbf86
-
MD5
32d21547c3326ff0d4c3223602de9dd2
-
SHA1
8539651d4240074a2d6715a0fd22d0563a01099d
-
SHA256
b757b5a639337c598a63ecab69eee59d904bc34958dc3d0a26158f71b2f2779c
-
SHA512
89fa5f3e3cd7750745868031eb616afe133fafb69ef5ac93de75bdca04596217da51b8ab7f41f51fd4dc57ed27b3c1462e8ab8f8c356f9d5f88a67c1fbcfe023
-
SSDEEP
1536:ynxEEkGkOkLwnA7H+dAab2MHLCS3aG/OfcifRbpysa7iAM8:y+ERVxADAHb2MH88OfcifBpYuAL
Behavioral task
behavioral1
Sample
b757b5a639337c598a63ecab69eee59d904bc34958dc3d0a26158f71b2f2779c.exe
Resource
win7-20240508-en
Malware Config
Extracted
xworm
127.0.0.1:7000
-
install_file
USB.exe
Targets
-
-
Target
b757b5a639337c598a63ecab69eee59d904bc34958dc3d0a26158f71b2f2779c
-
Detect Xworm Payload
-
Detects Windows executables referencing non-Windows User-Agents
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-