General
-
Target
XClient12.exe
-
Size
54KB
-
Sample
240512-ct89tsca4z
-
MD5
ab8656e5a412310f1b1b6bb84f00d937
-
SHA1
b734c77fefad63c27cf95281f754849f159ca5fe
-
SHA256
2ad5f248f621265c9e62a00be47605b8d184815d51e60d6e76062f6c763b5679
-
SHA512
e1d8ae1d65f8dcbf52688907a6d16144ba9df2fedeed964e9a419ca2797361911242bdf12f7e0cf6188517ae12fbcb84fb2a555af32026995177c4f5450d0c91
-
SSDEEP
1536:dHmk4y6IS9w2pOoL9oNkbWkhxIDGW1HOAIIQCm:F4KS9nOeOkbWkj/WZOAJi
Behavioral task
behavioral1
Sample
XClient12.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
xworm
120.156.150.101:8085
-
Install_directory
%Temp%
-
install_file
USB.exe
Targets
-
-
Target
XClient12.exe
-
Size
54KB
-
MD5
ab8656e5a412310f1b1b6bb84f00d937
-
SHA1
b734c77fefad63c27cf95281f754849f159ca5fe
-
SHA256
2ad5f248f621265c9e62a00be47605b8d184815d51e60d6e76062f6c763b5679
-
SHA512
e1d8ae1d65f8dcbf52688907a6d16144ba9df2fedeed964e9a419ca2797361911242bdf12f7e0cf6188517ae12fbcb84fb2a555af32026995177c4f5450d0c91
-
SSDEEP
1536:dHmk4y6IS9w2pOoL9oNkbWkhxIDGW1HOAIIQCm:F4KS9nOeOkbWkj/WZOAJi
-
Detect Xworm Payload
-
StormKitty payload
-
Drops startup file
-
Adds Run key to start application
-