General

  • Target

    XClient.exe

  • Size

    30KB

  • MD5

    46a46e2f914bd467f2468dfa53ae2650

  • SHA1

    0c8227884173cc4b6d2a66e3a9f495b97edcda87

  • SHA256

    543b1d9f0b35fc2710137852f398ec8d79ed2d7fd56d0d8c4e8195ba6bb3ca40

  • SHA512

    45f493572fdd15c2fecfa7fa11a6b143359007c97439e6f0ea34aed7a61e38a41ba75b9cdeaf421deb4e3d8faba322fc50bc36b41a39e706f18db8db01414309

  • SSDEEP

    768:necbl/b37gMYAoRFNk2uBFE9R8Oqhmbz:ecx6Nk24FE9R8OqIH

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

127.0.0.1:14552

Mutex

VBErVnBXhDwhu03q

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

