General
-
Target
c1130543ef2f5093477fc0f719d889445cbddf096494122a64f268aeb9a2d783
-
Size
276KB
-
MD5
9f14aa0555e80190fe99817d0b3ae058
-
SHA1
d5b77274a0d5cb8a3b17d12b26e8fb48914c6d98
-
SHA256
c1130543ef2f5093477fc0f719d889445cbddf096494122a64f268aeb9a2d783
-
SHA512
88ea107c23eb017d8dae25d57402a11ccc2660d4860259f40820676aebeef1df920e25d1280eeca5cc24a249d8f654211c752c7ed64399f5d07ef160c6c238e7
-
SSDEEP
6144:zrMRFSb7IdaHvbp/yYtgE6dWltqvMJAF0tWcTPEt8:HMrSbcdgd6YtgP0iU78
Score
10/10
Malware Config
Extracted
Family
xworm
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
-
pastebin_url
https://pastebin.com/raw/819HpC9S
Signatures
-
Detect Xworm Payload 1 IoCs
-
Detects Windows executables referencing non-Windows User-Agents 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
c1130543ef2f5093477fc0f719d889445cbddf096494122a64f268aeb9a2d783
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections