General

  • Target

    NET.exe

  • Size

    73KB

  • MD5

    3720095282b6f508a178a2af3fca48bc

  • SHA1

    44d82c8f7fd6d78f1596f0cb3a3c016870488f82

  • SHA256

    941eae71fe72f8e0ffea737b2e7fd557064f9677d042e12e0f894e69c49c2c5a

  • SHA512

    41df99880f65d3458116adbe5b1bde6beadeae76ff46b69081b3940646e629a64da27780d02c0fa8e828f6ce06170399874802ee472b22d858bef372a1c0af87

  • SSDEEP

    1536:erACqe4rxKD6QDlgvp/6o9k+bKvUJ/JdVtOBLypOi2VI3i3:Y/axKDFDQSoy+bKoKBAOi2Vki3

Score
10/10

Malware Config

Extracted

Family

xworm

C2

172.23.112.1:7000:7000

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NET.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

