General
-
Target
XClient.exe
-
Size
40KB
-
MD5
efa6fe7a0fed79f18b3c313063e97d25
-
SHA1
7deb26d64679d7fef288f2a0068a0965b490758b
-
SHA256
59bd22074ca7234553a0381ab31dd0dba972e03db211ca82a0cc6ab2cc312f77
-
SHA512
bcea1b81049d8c4b4e198add01aa32265be400d3963c7a5758509dbb9b9b9149e7674bd743713cef90e424d3b07e62d9da42c3a9631f2f38691ce7e50a004de4
-
SSDEEP
768:dJmozPu6Ut/OHQ5YV4UHtFZmrIBJF5PC9OlJLE6BOMhn3/eT:dFzxUtWIYV4UbIrIvFc9oJY6BOMZk
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
adult-mai.gl.at.ply.gg:5674
Mutex
hf8LZkWuI1linJTk
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections