General
-
Target
XClient.exe
-
Size
72KB
-
MD5
74f9241e9dd88f8cc14f0e43acbd01f0
-
SHA1
a85dcca23169be055bf36b9bcf77926f3563f3e1
-
SHA256
109e33011a54ee40a7c7cc676ce610d99f05b45cec517c629ec972b2c3fdc1ae
-
SHA512
cf7a465f887c73132141f1640301cf24f5105ddf225ba7e713c05f5142a6b8146aefd0aa2a2490f1b7b7d3be587fa8e178d147528fb24fd9ca26f25edfe2079e
-
SSDEEP
1536:FSqF2OmVmzhGNU/DF/LzfABcBsTCMobqRZ9k3v+6n+fdPOyKCqK/:5ctq/DdvfacB8CMobqfav+5OyKS/
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.0
C2
ayumi-27013.portmap.host:27013
Attributes
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections