General

  • Target

    XClient.exe

  • Size

    71KB

  • MD5

    b82626cc0347f048f8da43fb67033b74

  • SHA1

    2a5ea2cc17682a0750b4d9f9ab84c53e20ab49c9

  • SHA256

    da823b302bfe968cb38012247306efe78d3de49dfd2e46988222edd92bae4599

  • SHA512

    434d1d159ef525ca5fce31d88499cce87e1d9620c906f465e245a711a6f44b6c85838d87d4c76f4efd2ae4364be3fdbb51e4e262dd3eab12b7ac0c528b8d123a

  • SSDEEP

    1536:YSZYQ7TuBPAcJzvtC5mQWtKSEzhdAb0Yd/JFwNNm+2WOEjPQ59GRV:YSr8lEWtysb0YLFwNNm+ZOEjP3V

Score
10/10

Malware Config

Extracted

Family

xworm

C2

runderscore00-25851.portmap.host:25851

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

