General
-
Target
XClient.exe
-
Size
39KB
-
MD5
dfc191c2d6414fbefcda695fedcac614
-
SHA1
a2f01a5c1aa6da85d2d3593b71b509f50a880367
-
SHA256
8fa8e02a32db4626290b784d771e051ad9d12f396c4e95267d8b072835e81be3
-
SHA512
59fd4f6d6384b3df8eb67b47477e0474053ca30dff6a4bcf057bb2f8fb2a8a57eb4c11d8308d410290d55cde3bb47dd654eef9a235787a3b3e86103e9dfff9f2
-
SSDEEP
768:WG7+qmT8ztyh6pwDYvCL2v6hCuuJf27iJ1fFWPG9/T6OOwhbjib5:VfmT8ztyh6pwDnKwCuuJfBFv9/T6OOwY
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
20.ip.gl.ply.gg:4219
Mutex
sGAsjjcwpIJWoflZ
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections