General
-
Target
tmp.bin
-
Size
1.8MB
-
Sample
240705-h64g1axbkd
-
MD5
2b0e421675cce29669ceadff2ca758af
-
SHA1
545fa8e208d8adc14e2d4ea669cb6d809c0152aa
-
SHA256
5e5b928e89a0aabc7226211093683fea9e573ed82fd0286eacfdf3953c9062e8
-
SHA512
6568e40acd7464282903d297c4a7c64398e00fc1e4d787f6e993fa6de7aa6c78308e7698517a98b2b144ee719e943002f56ffb0299e2ef8633350f03251904dd
-
SSDEEP
6144:mx1iwfMPTymGeIHp58TY4adHganYLP3GAr0fSTSZlzOtvw9rI6HDCFixI+JAn3wk:w1Xd6T6qWArcSGZlgvw9rImCF+I93wk
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20240704-en
Malware Config
Extracted
xworm
5.0
185.29.11.111:7000
B3bYPcOfuxE4gqjQ
-
install_file
USB.exe
Targets
Target
tmp.bin
Detect Xworm Payload
-
StormKitty payload
-
Suspicious use of SetThreadContext
-