General
-
Target
UNDERLIKE.exe
-
Size
33KB
-
Sample
240621-mnm5hszfkl
-
MD5
50a3ed4e4c7df557e22d69f64a604568
-
SHA1
db01bb203c1320e511b60a9df0375f8bc9d4dcb9
-
SHA256
1162aba23cfc1a32f719b7a3c517af6a1c24715c547add236a78dfd482541db7
-
SHA512
e935fb44bd8a1af1eec10b9ae263ca8d7b6144b94b4a389ece82eb99ee7e887a0eb385ee16b4f69ba175ba8eecd497669432bdaf0c8028deae85605ce9a62ed9
-
SSDEEP
384:eWrVqCDweO/a5KxxL4YQDc2ETU8XYYR+gtFqBLTiZw/WNnvK9IkVubCxOjhO/3vV:7Kf4NGxYYZF29RtOjhO/3vo99dS
Behavioral task
behavioral1
Sample
UNDERLIKE.exe
Resource
win7-20240508-en
Malware Config
Extracted
xworm
3.0
et-hansen.gl.at.ply.gg:33635
iGPZWxE8sAn1FGpi
-
Install_directory
%AppData%
Targets
-
-
Target
UNDERLIKE.exe
-
Detect Xworm Payload
-
Drops startup file
-