General
-
Target
2180-1-0x00000000002F0000-0x000000000075A000-memory.dmp
-
Size
4.4MB
-
MD5
5df7a3201da0da17e30ba3e59cd95a48
-
SHA1
d53433eca9121359d50180d92c68944d00dd56e6
-
SHA256
cbf8d272e5e3b70d90186e5cd47523afbd7fc2a20003928c90f23bdb761ffb29
-
SHA512
3958bf5c1a75f61e633451e6ccfb41cf636230ac3dea45408712e6414040684cd1cff306316d6592cadab95153bdf75551cd4fdcc9055b386222b8a9e60c2a67
-
SSDEEP
98304:+KoJ0hutMmvZiOJqzhdatyXJDn+ZoJVZUiMd7+FttcWOtojJ:+nZZ+dagXJr5TZUb+/yfqV
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
127.0.0.1:8938
Mutex
rrUYjJlOwwu2jjkk
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2180-1-0x00000000002F0000-0x000000000075A000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections