General
-
Target
WizClient.exe
-
Size
75KB
-
MD5
40a2e235fa421680c8b0e3abc6bff067
-
SHA1
070643e06abf8c62987b56779552e67d6301c3e6
-
SHA256
4b28b149e84f168532beefce60e77df1f6037aeb619c3f5cadb2b1616ca5fe09
-
SHA512
38265b2ee3347d3098cee17723e3c6e3694e4dc1992eac0664e2f0f30c9bb32365b80a2302e727a9041605befdf80a3c6d37f8cde4fb955fadff63a500229623
-
SSDEEP
1536:TzBtmTym/ww5NSTm1qVYDI1/RMb/7te46fe7RmUOAwfm7zm:PbQyWw4NSibDSMb/xeWRmUOA22m
Score
10/10
Malware Config
Extracted
Family
xworm
C2
different-mixed.gl.at.ply.gg:43775
bc1qc9ptm4exgf7r8qrwlx3ajyj26y7rw4hmgkgzwt:00
Attributes
-
install_file
scvhost.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
WizClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections