Overview

overview

10

Static

static

10

1728-9-0x0...ry.exe

windows7-x64

1728-9-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    1728-9-0x0000000000400000-0x000000000040E000-memory.dmp

  • Size

    56KB

  • MD5

    6a19301348c9648876cd3cdf38cc215d

  • SHA1

    6442f1289affd38fa4ed6b1d6eac39244fe7eeff

  • SHA256

    8df2c9b77fff3f88c2dbbab7d42956b04b240a0ef5271bee8db63e766a1bbcc2

  • SHA512

    fe22eb442ce6b85bc6a09cb6fbe275ef35bac2740c036855856543d5e37015585f9bc297b6112de7c9cc99c34c7f966dacc153019e78d76e4f04beea8cb86883

  • SSDEEP

    384:ZEbmX5Qa+vN1h1+X3v6JFjL+g93Tm2eaFOfBdRApkFTBLTsOZwpGd2v99IkuisQI:KVa+vNtg+PB93Tw4iBdVFE9jkOjhMd

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

41.216.183.101:7000

Mutex

c7YV1Yp3sakxXjWx

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1728-9-0x0000000000400000-0x000000000040E000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections