General
-
Target
XClient.exe
-
Size
105KB
-
MD5
72812d44d6eda62e0a721b6a7710e012
-
SHA1
030d142e6aac060a30af0c56f6ba925dfcb8fe5c
-
SHA256
2a0185a92e1b51ba3d9e6211ea72dfd2ea30652f8516c45a194191f113da97d8
-
SHA512
fa31e3f91c19658ff531ca9cfddf2695e7fa179946b200236ea9e4226b4c130ff40105cf7a3252b0545ae18607b20ef1719129482a5ea31c2686d5c62dcc306b
-
SSDEEP
1536:siPgvtRMmpPBZM8fTR7LIbY7nQAWk6sTLclOFaEghPCUdK:slgm3ZMQBLIbYDsqmOEEg0R
Score
10/10
Malware Config
Extracted
Family
xworm
C2
advertise-located.gl.at.ply.gg:54921
19.ip.gl.ply.gg:54921
XWorm V5.2:123
Attributes
-
Install_directory
%AppData%
-
install_file
Delta.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections