General
-
Target
1996-1-0x0000000000400000-0x000000000040E000-memory.dmp
-
Size
56KB
-
MD5
52efa5b92c2ddd8fcaf988668d20e149
-
SHA1
f7aa7cb5da2b2d663e357d3a0d21d9bc4215d4ff
-
SHA256
fe2199640eb16b56deed3f6c88e7c6ca59630cd9f9da2c40999e8b51cb973245
-
SHA512
5d327e018cd4f9cc6f5b4908246cd494337b9932b78d4ee6c1b7cad877fb8e027186527f3d881bef766e62443cd609f60112323f5ef77d5db8c5d854695a47d1
-
SSDEEP
1536:DjXMwX1eJGl8y0UbTVUsZcB5iHF592DO9ss/:7d7RUstF592DO9r
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
67.215.224.133:5454
Mutex
gZovO7Orbqb3wmDO
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1996-1-0x0000000000400000-0x000000000040E000-memory.dmp
Headers
Sections