General
-
Target
pro.exe
-
Size
35KB
-
MD5
b9a8102040acfebea1d124858debbd6d
-
SHA1
3b9b489e8dbe3248bf16ff18e8e1f8d8ac0b65bc
-
SHA256
e10c990e9fb0a1df59f0b07697ea27df30a29b930e61969793094e41549bf1aa
-
SHA512
f3f6cbf9c3bd60a545ea7665772c16ecab50ee910dca36835d1e52771ecd46277b941a86f62194c3bf34eea12d60189fd729620398ef060374ed7127e20ce23f
-
SSDEEP
768:IoHv9ouQGVdhiQfCYzZ4mVFy+9FkOjhiOEk:IoHloqdhVa6Z48Ff9FkOjr
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
modern-educators.gl.at.ply.gg:23695
Mutex
fHc8fehQ3SQ6ksf6
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
pro.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections