General
Target: X Image logger beta V5.2.exe
Size: 596KB
Sample: 240621-lp4m8ayerl
MD5: 915c3cf41a3c84fffb96bd4eeab4e5dd
SHA1: ba49c1e9b2f62a83a86473a0d98ee5201b7dcf58
SHA256: 5efe623eb5e9326ae70270135f6dcf2e3b48a62daef1f1685e3f1f0445db5de4
SHA512: 3a1826663c24c3ad13c98ce5a7cf1da1e59352a16a770cae5f5c744cbd096a7f7a68c31920f04ef6c82cf9348de3df889fdbd35b6dfe9027f7b94220e8e6d43d
SSDEEP: 12288:kBdlwHRn+WlYV+6R2aon8+lgbvXBgd8y5:kBkVdlYAKm88gbvxgdV5
Static task: static1
Behavioral task: behavioral1
Sample: X Image logger beta V5.2.exe
Resource: win11-20240611-en
Malware Config
Extracted
xworm
5.0
modern-educators.gl.at.ply.gg:23695
pObUje2ZDYSy43QF
Install_directory: %Userprofile%
install_file: USB.exe
Targets
Target: X Image logger beta V5.2.exe
Score: 10/10
Detect Xworm Payload
Drops startup file
Executes dropped EXE
Adds Run key to start application
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.