General
Target: dawg.bat.bin
Size: 47KB
Sample: 240925-qehefszgjb
MD5: 2d4b3f85f3619e096e14096a0849fbf9
SHA1: c9aa9a3f00830625ff3f806d0b0d6a22ac3a7d93
SHA256: 49a7db4ab12330edff1ef80c5e0c9c93d69c4fe36e4ae25eb92d311be55baf66
SHA512: 42f220a2dee917c3c14164a4fe2399e196218fcea7bc5d56afee6c08ac0bf88b765a9e5bda1cff5f17d59d85800575ceba26819116ca33829a27abed2b53c4aa
SSDEEP: 768:0yWnyN9IbUZIYiztjyHg6QihA1WmmaMj17Hln1nVrV:0E9XqYwtWAb1DmdxLln5
Static task: static1
Behavioral task: behavioral1
Sample: dawg.bat.vbs
Resource: win10-20240404-en
Malware Config
Extracted
xworm
5.0
Extracted
gurcu
https://api.telegram.org/bot7533145045:AAGnW8Bkr0_G1f_ZxiKTve5hlRZjphTc0aM/sendMessage?chat_id=-4512836800
Targets
Target: dawg.bat.bin
Detect Xworm Payload
Blocklisted process makes network request