General
-
Target
XClient.exe
-
Size
200KB
-
MD5
8cc621174db313b01645f76dbc708b12
-
SHA1
464f5bf056376525a211332bfed7a869d91a62a0
-
SHA256
0c671401483c5e2a39ac6cdf1fc4ebbfe2c024d43233ef146f1fb1e024d87606
-
SHA512
e10519d18078f8759f9d4bf0e82bf1dd45390113436df0ec9ab80f676657a45a42ec217a216123ffbd404d3083edbe881b5d41d5bc50ce6c868bfec547b6a98d
-
SSDEEP
3072:OrbirRF49wRO/lu38SKfbzxcwg7es6/Vsb8VKTup49oJMfF/H9N3Ky9NzLnK:OrbG349XqUhcX7elbKTuq9bfF/H9d9n
Score
10/10
Malware Config
Extracted
Family
xworm
C2
members-path.at.ply.gg :22473
Mutex
xzJXdTydUB5d63RH
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections