General
-
Target
XClient.exe
-
Size
98KB
-
MD5
859ed27af7d82ed0b9d67437c78d4b7e
-
SHA1
04b22ca1e113f477daa157603640ab27b2c5b06c
-
SHA256
36513cc5af6c9e14a1c530bb0bb5e16312c0277d5b0a098fdb377dd71403a1d0
-
SHA512
a1eb771136ebd5241fd954474fe24a25435025a76b4c3d63b3f92f88e994fa887bdf194d8091fb551d054b51358a7478bd75d51f5ff1d6acf6536a343445fd29
-
SSDEEP
3072:Zl8qGT2XtHth+Ci+b5dnt5bOaTb+eFdv:Zl8H2dzbjb+e
Score
10/10
Malware Config
Extracted
Family
xworm
C2
192.168.183.131:7000
192.168.183.2:7000
fe80::d04d:c9ae:80e:6281%4:7000
Attributes
-
Install_directory
%Temp%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections