Overview

overview

10

Static

static

10

2676-22-0x...ry.exe

windows7-x64

2676-22-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2676-22-0x0000000000400000-0x000000000040E000-memory.dmp

  • Size

    56KB

  • MD5

    1dcaacf8e10f2517486b087a61b67822

  • SHA1

    9b5c442847bcefa4f60e5e59cd540fe177dd628a

  • SHA256

    53bedff4de23c138724dd8535b07d185bea61ff1e5cfe044c5cf9452a15adde7

  • SHA512

    26fc3310ac74cccf5f68b7f8ed1182212ed8e8887a614cad399fc041a158412faa90baedf2ef0108c8d3ed3a9fc05809380e3b8be44f1c9c77280a8aeed181ce

  • SSDEEP

    384:MlRmhGD91SluSWhnHHxzLmYj3Tm2eaFOzldRApkFTBLTsOZwpGd2v99IkuisVkVG:YRPD9OQhx/Bj3Tw4OldVFE9jfOjhGb

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

weidmachane.zapto.org:7000

Mutex

Y3sPpIW4xQztdVfl

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2676-22-0x0000000000400000-0x000000000040E000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections