General
-
Target
XClient1.exe
-
Size
149KB
-
MD5
6bc1c41509795b67fe2ce2388e26bb6b
-
SHA1
75f13cefec0246a8989a08b7eafec735fa486812
-
SHA256
51aabf0fcf119a752863c1d7f2a8a8487a4a17aac779a7f3cdc58a16bd369c2a
-
SHA512
6e895d8fc1e41f308bed6a410e471e07934669ea74ab4033da287df738676e4d95a18e735ed72dbe9a7e6389392acea0b878b167c6a3446deb3fd8850c7a0019
-
SSDEEP
3072:0+G7u6jTFr99DO/gO54NpVq8BxFRzaqF+o2GQJ7/JzqVfGvH:8Pr9e5gVqwlL
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
17.ip.gl.ply.gg:64258
Mutex
hOoKJW14mhf9ctLw
Attributes
-
Install_directory
%ProgramData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient1.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections