General
-
Target
XClient.exe
-
Size
69KB
-
MD5
cbdd3c182f4b57760f91b2498313958d
-
SHA1
e5d506c5acedee17b6300c7a91aab872740fca80
-
SHA256
8dde375372cc704b0d85f90f24a3ec1476c69e21febfe5b22c668bf85983645c
-
SHA512
1dcdca5edac529678600f390be6f3e95646eb406801ae2adf10ac9ae9c728ff7043f97727a742b5bdfccabea9b5616042eb225bde8f5f65aeed0201e61ee1de8
-
SSDEEP
768:OmxAPlQoiA+OT2iQ7JxNFzOd2yZq6U6pZ1mTbhvMLQTXAkHn95aMFOVhtqt8Hd9U:HxAP+rQ6zOdzhUoibpqLCnlFOV/fpG
Score
10/10
Malware Config
Extracted
Family
xworm
C2
surface-disco.gl.at.ply.gg:22817
Attributes
-
Install_directory
%Temp%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections