General
-
Target
XClient.exe
-
Size
54KB
-
MD5
e49d1fd1eaa0751cd9038a4d619f3cdd
-
SHA1
0ff9766cd0916a7eecdc57e39e5f618b72477c73
-
SHA256
69ac931c138908a1df2c23b2a92c621f90ef22037a0a21c2b3873318d08083dd
-
SHA512
6f62194ced07fc9106d8bf2daf4522380e0f4419019835b7b0f4cb8d56ede93b3b1bf8fa51087e4f18fe61d9608591beb8e81663bd9b6223d1c923f77627e479
-
SSDEEP
768:O5dJf9Vu0e/AvD7xVKNrV8nHjbLIpdbgQ0CKbqN0gFrvzYPm6OEhHuzv5:gJf3eSK9O7ibgQNKuGgF4Pm6OEEj5
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
host-confidence.gl.at.ply.gg:62950
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections