General

  • Target

    XClient.exe

  • Size

    61KB

  • MD5

    d4da0ac951e8e5ecc9bdaa37f8ce6efa

  • SHA1

    e59a48c06345fa211119b73c64b5fdc55bd2c496

  • SHA256

    91b7dffa239d1f1698e6548c42e796e0d68feb2816e9c055e16bffafcb119e60

  • SHA512

    75a09d740ec684249f548c03cab1df8cf86c952fe7f886f0cb55528d3f4f611b707ebedb7c5e42d0e12e7c5fdfac5f2a39d04ae16fa5bbc9108c528e3b5aedb2

  • SSDEEP

    768:A3tiGXbtXn+VNACttF83+9ufsltGCPogkbNGi15tt8i5aRy7P7VaOah+b4ljgPp+:A93WJtsQuftCPbkbN9zz4U7wOawQw+

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:7000

45.67.35.71:7000

Attributes
  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

