xworm | eae37c008a65e02e2030f725e1a09c4154191462c41e672a08a77a410503ffd9 | Triage

Sharing

General

Target

Zylofuscator-main.zip
Size

6.7MB
Sample

250123-p56djazqg1
MD5

7465a1227af057aaeb370153f62351b1
SHA1

2d5352d193f8037d5a0efd731a7789635abcc459
SHA256

eae37c008a65e02e2030f725e1a09c4154191462c41e672a08a77a410503ffd9
SHA512

b7d5452dad8b8d3ac20263119219270e2b49a9d243be79326486338d5eca176841c23a5c77d80ef7e92238ba5c0f7aa6af3c225b320112f95f6a41bc85a993a3
SSDEEP

98304:L0pdz/eV4dh8G6aioQPH1xx9waAMdGUxVBZAxGT:aY4v8GP5Q19wIdG0BIG

Score

10^/10

xworm discovery

Malware Config

Extracted

Family

xworm

C2

poker-dosage.gl.at.ply.gg:10021

Attributes

Install_directory
%AppData%
install_file
RealtekUService86.exe

Targets

- Target
  
  Zylofuscator-main.zip
- Size
  
  6.7MB
- MD5
  
  7465a1227af057aaeb370153f62351b1
- SHA1
  
  2d5352d193f8037d5a0efd731a7789635abcc459
- SHA256
  
  eae37c008a65e02e2030f725e1a09c4154191462c41e672a08a77a410503ffd9
- SHA512
  
  b7d5452dad8b8d3ac20263119219270e2b49a9d243be79326486338d5eca176841c23a5c77d80ef7e92238ba5c0f7aa6af3c225b320112f95f6a41bc85a993a3
- SSDEEP
  
  98304:L0pdz/eV4dh8G6aioQPH1xx9waAMdGUxVBZAxGT:aY4v8GP5Q19wIdG0BIG
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1