General
-
Target
9c328d44e2cfbde65d3da9d7ba351d6f0ccb58423ca6b72ad0e37e4b8b4b92ad
-
Size
68KB
-
MD5
26917e701dfa9ab7e1a3a3454cd4c848
-
SHA1
edc9d2a9ef19310d4798f3dd38e86959a4b9b314
-
SHA256
9c328d44e2cfbde65d3da9d7ba351d6f0ccb58423ca6b72ad0e37e4b8b4b92ad
-
SHA512
cc945a4cee9cc7769d75d2a9b32410cfb430aa98c5e16537c7c7c3000c43df735c6b5151c54d1b9bd4fbcc58d595c545cd6cce6ce4c287854d0df2318a71c2aa
-
SSDEEP
1536:/phlXi7u7dPfJLALNG6GzwK6KUR+bz+eTWVOHIl6jMK3nGOUxBlY:/pe7u7ZG4bUR+bz+eScHIkfnGOU5Y
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:8848
modern-during.gl.at.ply.gg:8848
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Detects Windows executables referencing non-Windows User-Agents 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9c328d44e2cfbde65d3da9d7ba351d6f0ccb58423ca6b72ad0e37e4b8b4b92ad
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections