General

  • Target

    Mason.exe

  • Size

    31KB

  • Sample

    240621-ear8ba1fpm

  • MD5

    6db0ea114d030fbbc3949b5fd27c3626

  • SHA1

    60dc523f74d7025c1bc36012eed6a4f46f4d09fb

  • SHA256

    6b5a879922771526eef460c6f30734c7c7bd045d89f2c38b48136e8157073a48

  • SHA512

    5b9d844749b229b84369dfa1697eacb6c42b6f8f2c07680a2a2e1b58228aaf2b71e8fc021dec405aa1149dcfce5f510e3f968d92cd95185fde85e0ef4b101d8e

  • SSDEEP

    384:YdTYue8anA+EYKcld28yfCmrNDLOcK5rwwHNFLFeJhMx3oZZ5ugtFyiBLT5OZw/t:49sDFUMx38ZJFyU9/bO/hBl7C

Score
10/10

Malware Config

Extracted

Family

xworm

C2

uk-printing.gl.at.ply.gg:10532

Mutex

qoyFxz3x14jDH4c2

Attributes
  • install_file

    Mason.exe

aes.plain

Targets

    • Target

      Mason.exe

    • Detect Xworm Payload

    • Xworm

      Xworm is a remote access trojan written in C#.
