Characteristics
| Hash | Hash Value |
|---|---|
| MD5 | c6311e9115c21f3ab975104b8f1f97fe |
| Sha1 | 2a3a41d34868e6783e9000b24373824c602308ba |
| Sha256 | 4d5d33859f7e256a6b2f84e1fdd2cc518b2dfcf8dcbe9ae430c535ee4b4f3aac |
| Sha384 | d81d180416ce8281979754c423282f8e1b2e4bf32cdbb5495330df96c078be45acfac363b6629377b66eba459069a72f |
| Sha512 | d63ba96786aa3e6c619e56b28ca8d81a60baca64f3cd707726762d68b2575dca91c562df1951fd855d16db8e4c0fdfdd617c2f3273fe6eebcd7a8008a947638c |
| SSDeep | 768:a2qTtnawFoZdwj/Iz+YrZEylNeDGjfMGcygxl9g:8JaFdwj/I+0CgLjEGcyuly |
| TLSH | 13133A335923FCD1BB7F2D80F50439651C85341787698A78FBC409AA38AA650DF2ADF8 |
File Structure
c6311e9115c21f3ab975104b8f1f97fe
Malicious
[Base64-Block @0x00000000]
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
Malware Configuration - XWorm config.
| Config. Field | Value |
|---|---|
| Mutex | s7HvRmu5JCCxrgg0 |
| Hosts | 13.49.57.111 |
| Port | 7000 |
| KEY | <123456789> |
| USBNM | <Xwormmm> |
| family | xworm |
Artefacts
| Name | Value |
|---|---|
| Mutex | s7HvRmu5JCCxrgg0 |
| CnC | 13.49.57.111 |
| Port | 7000 |
c6311e9115c21f3ab975104b8f1f97fe (44.38 KB)
Artefacts
| Name | Value | Location |
|---|---|---|
| Mutex | s7HvRmu5JCCxrgg0 (Malicious) | c6311e9115c21f3ab975104b8f1f97fe > [Base64-Block @0x00000000] |
| CnC | 13.49.57.111 (Malicious) | c6311e9115c21f3ab975104b8f1f97fe > [Base64-Block @0x00000000] |
| Port | 7000 (Malicious) | c6311e9115c21f3ab975104b8f1f97fe > [Base64-Block @0x00000000] |