General

  • Target

    XClient.rar

  • Size

    64KB

  • MD5

    c648d38f1ea62ccf7d1a541351558f25

  • SHA1

    99ec214b2eb19f67deb8b74763bb24ea3d563ef0

  • SHA256

    c4098d8085097906713a2f1a74d3e2b798d43528dadc1e652e029ffbac7e4b68

  • SHA512

    36cfa56488b4e0773e4dae51d799b8e9f4a70b0857259c613f3fce774ed117550ec0c49a23c52dd1ea965f8f1ad7fc032b4c9bf9cfbf5769d88f431d38168225

  • SSDEEP

    1536:aJLQ99r2ihqbAU/p1OL7ysvcySnlUjLFMgNxp82nNVW:ax+9Ib1sCy2SMa3nG

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

dffsdfsdfe434334.bounceme.net:4500

Mutex

IP78agCbZU6v7ZTL

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.rar
    .rar
  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

