General
-
Target
XClient.exe
-
Size
32KB
-
MD5
4d93e78bdad7a0a9340f52c36469971d
-
SHA1
7e31a39c239411121871c2b5e33ec7b976f9d2cd
-
SHA256
b52db5333cab1af69632ccd1ac13e6c8136eb635df8961733ccba11269811396
-
SHA512
dd77997e057097e13623fe978dd88474f5498cca047a2a7700d034eca81a069ad31d2f853239647e77c02e0a30f4b0386b2918bcaaa025843e390f939af48822
-
SSDEEP
384:GEbmX5Qa+vN1h1+X3v6JFjL+g93Tm2eaFOYKdRApkFTBLTsOZwpGd2v99IkuisTy:fVa+vNtg+PB93Tw4xKdVFE9jGOjh7bR
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
19.ip.gl.ply.gg:44123
Mutex
ZzGtTheGGwVXfIoR
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections