Overview

overview

10

Static

static

10

2372-27-0x...ry.exe

windows7-x64

2372-27-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2372-27-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    7f214e8721f320fb2b3ea765781480a2

  • SHA1

    6568b6783f767b9dd79c61858624df46f4b09ffa

  • SHA256

    37771ada6c8eb4ff6fe3a9f707770721b66f4209237668272e0402d5b5150984

  • SHA512

    805f48bd511f59a9815780f927a83e7b34d052b14516748c95ba6e22fa2a72b18443e87f8e4a1bad6c881be34775567e5116c3c373ac1f019c03ce56d39ae69b

  • SSDEEP

    768:hGLtt3QI2/yQJVZUgeo8icH1bxbFb9EAOMh8QXv+:hAb3QI2/yQB9eNicH1bBFb9EAOMu6+

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

christyrusike21.duckdns.org:7000

Mutex

znkTtudE0WUuGVBW

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2372-27-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections