General
-
Target
XClient.exe
-
Size
43KB
-
MD5
58064bfc762e60cc73c67461849efa23
-
SHA1
2fb82be7c591278286932d10db892c9012dc387c
-
SHA256
1b3b8a40f12c35db7c850be141d687126f4df8104fe266fe6fbce594ecaa08fa
-
SHA512
2eb4d7fdea16633c4fd6a74803769626b9b2c0c7a7bd86b77df9e9a5b8cda77a248407159b2e72fe5392eae79f15e5d4a912e18f8edc31908e56f4ab607ab717
-
SSDEEP
768:t6rui8hoxxS/UKtMtUb+Fa+B0FFRPM9W96ZOChhvubWQ:tsB8hobsftvMGF69W96ZOCz2qQ
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
147.185.221.17,browse-classic.gl.at.ply.gg,186.50.246.95,17.ip.gl.ply.gg:38264
Mutex
OgqyvwoUGRsJ9XWL
Attributes
-
Install_directory
%AppData%
-
install_file
svchost.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections