General

  • Target

    XClient.exe

  • Size

    64KB

  • MD5

    c34ec50f0a90c85830b5754daea87eb1

  • SHA1

    214fe795972af462ec54ce062f1722a43e4b27ca

  • SHA256

    f68e8686ff975cf186fbbff34a14940662e0536c54ff952a95731fc6b68bd477

  • SHA512

    0cddc5b8aa9070ff6ab4b27f515cea85c2af1cab44904453bc9859987a5b968f8c75789a96fe1c74a59739d2de5104263c717dce1c566ba8e2ba9c03743538b0

  • SSDEEP

    768:7/njwJxgalmZBz2P/NtrhSfugCc4ZlXOBb0ycso0yp4p4bpyHh4Yh2vUOLhNmwiH:7Ps2Zt2371GhCE884bpyBMUOLz2n

Score
10/10

Malware Config

Extracted

Family

xworm

C2

255.255.255.0:12999

Attributes
  • install_file

    USB.exe

Signatures

  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

