General
-
Target
0478f9d1d2feebe286fd8c497705fd4e.bin
-
Size
72KB
-
MD5
0478f9d1d2feebe286fd8c497705fd4e
-
SHA1
9172687b6966bd12a4c0ee9714df03762336898f
-
SHA256
243ec139d5bf3be07a6b027a569791b06fe20a3e508a2b0dc80cc939c89c3e83
-
SHA512
a2b3de335d8bdbf8106c25bc62ed9305ff2c7416d35c0b7fc15fb55e0ad8c20ae179fc2cbcadfa88efaf27bb842d800142305ee6e0e3f7a7e7024e500fe1b4aa
-
SSDEEP
1536:k7AzsLBevNuWk9C360ybbibtr5EaO46s3X9Om1OZiKT6VE:k0zaevNuW8FdbOb0xe9OmIsImE
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:8080
Attributes
-
Install_directory
%Userprofile%
-
install_file
1XClie1nt.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0478f9d1d2feebe286fd8c497705fd4e.bin
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections