General
-
Target
Nursultan Crack.exe
-
Size
75KB
-
Sample
240530-dfmpcach87
-
MD5
718d835e956bf992d74d031070750ccd
-
SHA1
8a8be000621049c6d82ef19c5df1c87f8663284b
-
SHA256
6718f70bc6681d4aa51f9a14dd7d13b889207f06d1f6022a50f9d99a5f03d86a
-
SHA512
1e624cbcf80db295371c98b04a479e175dd97496cc0eca8b44d916f99951bb98f1890d073c9b6af7f0ba50f69dbf4122791baee41070d359db53294b33164b8d
-
SSDEEP
1536:klFdpG4JVa2QjuN67/NUavqnWd+bKNX49Y5OO3HFmqiFpETW:klEQNy/NLiG+bKkTO3HFfiFpYW
Behavioral task
behavioral1
Sample
Nursultan Crack.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
xworm
127.0.0.1:1111
tel-form.gl.at.ply.gg:1111
-
Install_directory
%AppData%
-
install_file
discord.exe
Targets
-
-
Target
Nursultan Crack.exe
-
Size
75KB
-
MD5
718d835e956bf992d74d031070750ccd
-
SHA1
8a8be000621049c6d82ef19c5df1c87f8663284b
-
SHA256
6718f70bc6681d4aa51f9a14dd7d13b889207f06d1f6022a50f9d99a5f03d86a
-
SHA512
1e624cbcf80db295371c98b04a479e175dd97496cc0eca8b44d916f99951bb98f1890d073c9b6af7f0ba50f69dbf4122791baee41070d359db53294b33164b8d
-
SSDEEP
1536:klFdpG4JVa2QjuN67/NUavqnWd+bKNX49Y5OO3HFmqiFpETW:klEQNy/NLiG+bKkTO3HFfiFpYW
Score10/10-
Detect Xworm Payload
-
Drops startup file
-
Adds Run key to start application
-