General
-
Target
XClient.exe
-
Size
75KB
-
MD5
b68686cabb7e8cf45e26afb0766c6a02
-
SHA1
c163dc30ff8333e958f477472bcfe6828e3da070
-
SHA256
e622c7ab342df0afc5ee816120015b19ee47b072c30139b9f9146aee9a3de84e
-
SHA512
bde0d68db1e13e65f020e3b6aa365d38b23fcd40b201d6a2b1b515eb38787fd1f53856de1585bdc2ad3e21ee3bbd9c66bb163f56c38bff0def00d3dfd92f50ec
-
SSDEEP
1536:X5l/4koXrFrs02DHfJ/c3EWTbAxl+5VWuHdb+x56smDbIO5hMDz3p:pt4kSrFrs0S6EWTbslaFb8J7O5hMDjp
Score
10/10
Malware Config
Extracted
Family
xworm
C2
performance-ha.gl.at.ply.gg:33365:33365
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections