General

  • Target

    2912-15-0x0000000000400000-0x0000000000414000-memory.dmp

  • Size

    80KB

  • MD5

    19c3e9d7c88636bbd637c44f43df8b4f

  • SHA1

    ae50af431433d5786f840464caaa367f02872114

  • SHA256

    84cbfb1f1f1d27e7662f43271e315409a8633a7e23b1df23e55def1de4d0555c

  • SHA512

    b6c0536aad8321b0a0ada54aa25f8b88410bc2920f8f1dbbe04cf816594b9039c2c108a229dca5627e10133e57891c8a439642e3ba24548324a01a586589a4e7

  • SSDEEP

    1536:wxROmGFPI63TkSO7sXp+bF12x6fk+xOz2xc2/:QYoc+bF1jkuOz2mg

Score
10/10

Malware Config

Extracted

Family

xworm

C2

104.250.180.178:7061

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2912-15-0x0000000000400000-0x0000000000414000-memory.dmp
    .exe windows:4 windows x86 arch:x86

