General
-
Target
2620-9-0x0000000000400000-0x000000000041A000-memory.dmp
-
Size
104KB
-
MD5
489410dd071bfdde9c6c7a391a80b324
-
SHA1
5682e0d00d21053f1ff452b8e5cba63674e12ec5
-
SHA256
c6bd5b5f03c001eef6e048638a07992be822cd9a6165855a72123beb1d3d9418
-
SHA512
5400c4ff1518186a930e2a61da40d1b9893688a85b9f0fd10c0b153ea03334948062adb73ccb87ff3e913db8ae963cea1312927e34970de591894bb61cf89fc3
-
SSDEEP
1536:BSW/Be7KN2LcR2o6butzPhs1h4OD7yMCp8l:Bn0+iQH6buah4ODHCp4
Score
10/10
Malware Config
Extracted
Family
xworm
C2
crazyrdp.africa:7000
Attributes
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2620-9-0x0000000000400000-0x000000000041A000-memory.dmp
Headers
Sections