General
-
Target
3beedf521d4191f67b99f81c8aed2ac73b422ce7d147dbba2f842046874d030c
-
Size
302KB
-
Sample
241029-1w2jrszjhy
-
MD5
55ad9fefaab3c3cc2020c5dbf692efae
-
SHA1
e7a12a4da4466b1d5e438d5b52e1fe6db1a404b6
-
SHA256
3beedf521d4191f67b99f81c8aed2ac73b422ce7d147dbba2f842046874d030c
-
SHA512
14bbd1d25f97b6a50526bef7653864db30bf1c70e9138ccadc838107b7f4f6b442235058ba629b5ec62a9e2f2ba1cd44e583e8258c1352d6869eb67a59970195
-
SSDEEP
3072:XHlbCn9TFAZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ+ZZZZZZZZZZZZZZZZZZ2:Vbo+GIIIIIIIhIIIIIIIIIIIIIIIU
Behavioral task
behavioral1
Sample
3beedf521d4191f67b99f81c8aed2ac73b422ce7d147dbba2f842046874d030c.exe
Resource
win7-20240903-en
Malware Config
Extracted
xworm
23.ip.gl.ply.gg:8806
-
Install_directory
%ProgramData%
-
install_file
adX5dlient.exe
Targets
-
-
Target
3beedf521d4191f67b99f81c8aed2ac73b422ce7d147dbba2f842046874d030c
-
Size
302KB
-
MD5
55ad9fefaab3c3cc2020c5dbf692efae
-
SHA1
e7a12a4da4466b1d5e438d5b52e1fe6db1a404b6
-
SHA256
3beedf521d4191f67b99f81c8aed2ac73b422ce7d147dbba2f842046874d030c
-
SHA512
14bbd1d25f97b6a50526bef7653864db30bf1c70e9138ccadc838107b7f4f6b442235058ba629b5ec62a9e2f2ba1cd44e583e8258c1352d6869eb67a59970195
-
SSDEEP
3072:XHlbCn9TFAZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ+ZZZZZZZZZZZZZZZZZZ2:Vbo+GIIIIIIIhIIIIIIIIIIIIIIIU
-
Detect Xworm Payload
-
Xworm family
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-