General
Target: WizClient.bat
Size: 31KB
MD5: 8c7ec04c00d26d1ae44a98e88f0d07d1
SHA1: ef0dd366a7f1bd6cc72ddf1c1caccd6f06649c1e
SHA256: f9d36c94e055b206eb31731ac990a1588462862ffd642a684a907e710174ddf8
SHA512: ede9e95208145074fb44f5eeb809897cbb7251c8b24bf732ae85c62dd61c27448f698a6a4942b7a1cf0151d62f7a81b6e7749ac78a9ea66c0f3fe0f59ad90c41
SSDEEP: 768:9bYHAyARIj3N9zLoKwcFe9WnOOmh/tbxa1N:Xf2j3NZnfFe9WOOmfcN
Score: 10/10
Malware Config
Extracted
Family: xworm
C2: 127.0.0.1:5552
Mutex: TC8nUKo6Nds9PKMV
Attributes
Install_directory: %AppData%
install_file: USB.exe
aes.plain
Signatures
Detect Xworm Payload (1 IoC)
resource yara_rule sample family_xworm
Xworm family
Files
WizClient.bat