Overview

overview

10

Static

static

10

4212-1347-...ry.exe

windows7-x64

4212-1347-...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4212-1347-0x0000000000400000-0x000000000040E000-memory.dmp

  • Size

    56KB

  • MD5

    ad685fabb1e8656e88e0fc6fe30919da

  • SHA1

    c438c03ba71e3c9bc3de9bc98e84b443e1b95a42

  • SHA256

    e787191c06be64e9bc638832685b2881180a6e042db12c0fdec9d26a9fdfef19

  • SHA512

    a126fc8268c5879f80bf2022b1e54a61da63a34875a49c1f84700a497f226da5510d374477e4e3700db5379974142e8e74f5805ffcf8f25b351e9487ffe9fe62

  • SSDEEP

    384:4ancGQatJNAVc6cdJLSmtm3ZFsLcvSAOotVRApkFTBLTsOZwpGN2v99IkuisJH6l:gGQGAwXtm3HJvlhVVF89jvOjhYbd

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

Mutex

pQMh0JV136n0w49S

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4212-1347-0x0000000000400000-0x000000000040E000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections