General
-
Target
2928-16-0x0000000000400000-0x0000000000414000-memory.dmp
-
Size
80KB
-
MD5
04f45ab0f3bdfe2fea9d4e77edc2a4f4
-
SHA1
a66b47d40f3db2d75aa7b0a46dda69b280e14832
-
SHA256
9389046496d6722ac6b5fac223f4477660c3d4d8d35235bdcd79f8b903095fea
-
SHA512
9c6b7468a77a5e22f0027d2dccfd6decd8e24924277ba7b878ed47bb7ced524672220fc40c9faa31ee4c0d47cee3ed1d8a21d4509d13e4e85260a46dc93faaa2
-
SSDEEP
1536:yxROmGFPI63TkSO7sXp+bF12x6fk+xOz2xc2/:aYoc+bF1jkuOz2mg
Score
10/10
Malware Config
Extracted
Family
xworm
C2
104.250.180.178:7061
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2928-16-0x0000000000400000-0x0000000000414000-memory.dmp
Headers
Sections