General
-
Target
EAC OC.exe
-
Size
303KB
-
MD5
bedf5cfaab1e2f67d75a4e706a0bb124
-
SHA1
7468d5b125d1eac7573bed109c4ee4a2bed9fbc2
-
SHA256
69e6ecb959f5df54c4a81e6393a23b4afa13925ff750ebc20b013201d9512517
-
SHA512
799d4964b238feb49a1400e6a86079377251a1eae077e3a6bda2bbfdfbafeda876f50874ba0edf53c8786149247650370cd566e45811407d2857e756e4bca4f3
-
SSDEEP
3072:+xIFe9eJOMrAZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ+ZZZZZZZZZZZZZZZZw:Te9C+GIIIIIIIhIIIIIIIIIIIIIIIU
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
127.0.0.1:56967
something-italy.gl.at.ply.gg:56967
Mutex
hHhWYJffPgL3nS6f
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
EAC OC.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections