General
- Target: X Image logger beta V5.4.exe
- Size: 281KB
- Sample: 240621-lnhdlayemn
- MD5: 5fd4f327e8ced0a5ddfe7e72f9019b62
- SHA1: 36d86359b077c4ba121095f90e5143c3f712d218
- SHA256: 2502ceb09d5122bf345526dec2d66ce207f0169078df86e77979dc1d4a34dbf9
- SHA512: 70d9abcf58650a17164ba4afd14d6e5ec76971e1f9a534423c8693265a52aee6c35029f1bb950b93809af9fba6a8c6112a6e13fd3c4282ea8687313e468a0566
- SSDEEP: 3072:K++eov7Fz9fbOjmoRahEe0SzSeXX+pow1X70+OFNXqF0RrssIHtGNXElGRP1K:Klz9XHhWBTWrsHH8FElg1
Behavioral task
behavioral1
- Sample: X Image logger beta V5.4.exe
- Resource: win11-20240508-en
Malware Config
Extracted
xworm
5.0
modern-educators.gl.at.ply.gg:23695
U4MFtBeWYgMZLcT3
- Install_directory: %Userprofile%
- install_file: USB.exe
Targets
- Target: X Image logger beta V5.4.exe
Score: 10/10
- Detect Xworm Payload
- Drops startup file
- Adds Run key to start application
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.