Overview

overview

10

Static

static

10

2960-2-0x0...ry.exe

windows7-x64

10

2960-2-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2960-2-0x0000000000600000-0x000000000061C000-memory.dmp

  • Size

    112KB

  • MD5

    bc0a83816abd8facaf2219d3a31772b5

  • SHA1

    e7822a2f2d7332ad49ba8f97782553f3f7480980

  • SHA256

    6415df8b62072b30dc0eeeddb28299f08b63b90a5f98040ca2cfd0ff92ad7b8b

  • SHA512

    98b0cb107b4b97dfacf48eec229d1c0da9639ce77ed368bb06039f06092ec0c28c393a1dd822233305eb352dd60beeb45d86fcecc611c899cff03e7ecf7fa06c

  • SSDEEP

    1536:uqB+aNmrgcz0zMAj6oDOeP/uGuBJYRmjbc79zaGtDJy61OfHen7hXaH6:lB+apc0ug/DGjbc75n9OfHw7G6

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Attributes
  • Install_directory

    %AppData%

  • install_file

    System.exe

  • pastebin_url

    https://pastebin.com/raw/ce9Y28X4

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2960-2-0x0000000000600000-0x000000000061C000-memory.dmp
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections