General
-
Target
XClient.exe
-
Size
94KB
-
MD5
fdec8e76e9b46f472263a9434f2a4197
-
SHA1
6aaa4c29f76f44e182815e05ebfdfa42534bb620
-
SHA256
40f3b66d0420d6e25b780f058d6242b7ee3ef5516a36b2aa8510589abc70ed71
-
SHA512
5802d1ea571ff909a354ffd8225a5b6876fc16c27f83b438b32ce48937fbb0720ebdcc73b6441939d6b878e4408e000d543910540530ab90bf10e846b84afff8
-
SSDEEP
1536:EQKcbr917eWHzg/IRxVR+bsyi8sAQvNIC6OgOpoQgnK++V9AkdfuA:FteWTaIRPR+bsyeAQ1uOpF++Fdv
Score
10/10
Malware Config
Extracted
Family
xworm
C2
192.168.183.131:8080
192.168.183.2:8080
fe80::d04d:c9ae:80e:6281%4:8080
Attributes
-
Install_directory
%Temp%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections