General
-
Target
XClient.exe
-
Size
199KB
-
MD5
27504bf824aa8f3643ae3b927ee0f1ca
-
SHA1
ec2a4078eeede122c70bf40d5655314075700b08
-
SHA256
3e71a1d748bcbd5ad867248a9f03ea7093847e153472bffa044c142284585894
-
SHA512
394150dce9c67da3ea104483c5450a83b3e6fc63880f033b3d9c4b6f0442fe8a334054c4f0b876352cb8cc802ccd45ab1c28d8136eb8159670603648681d9338
-
SSDEEP
3072:ThjF49e4+O/T8SKfbzxcwg7es6/Vsb8VKTup49oJMfF/H9N3Ky9NzLnK:L49FLUhcX7elbKTuq9bfF/H9d9n
Score
10/10
Malware Config
Extracted
Family
xworm
C2
members-path.at.ply.gg :22473
Mutex
GO6OmTWfGxkuRZk3
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections