General

  • Target

    59ba83421c96f0b37c369cd0e89d2dabdb2958f9daedb94dbf04b506b2b225dc

  • Size

    36KB

  • Sample

    240621-b8yk7svglf

  • MD5

    058f052910a467d3f8185dc0870cf534

  • SHA1

    1604aa9bd7a9ec4852566e943f5dc9b20e402ee6

  • SHA256

    59ba83421c96f0b37c369cd0e89d2dabdb2958f9daedb94dbf04b506b2b225dc

  • SHA512

    39fcd40d6491b16f19152d31af2cc74b6fd0e62afb56a055f9d25788585fd023954d52a9ae694c3f896ee6dd6027a40b15eb091493b87784a9723d0ddc20fad6

  • SSDEEP

    768:tQ2A5Unv1+tybbH3hASLKyRbFf9Yd3OMhx3LPD:K2A5Unv1+oHHxVKyhFf9YROM/TD

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

172.93.222.235:7725

Mutex

EaDc0m9mpwzOMMwb

Attributes
  • install_file

    USB.exe

aes.plain

Targets

    Score
    10/10
    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.
