General

  • Target

    WizClient.exe

  • Size

    30KB

  • MD5

    3948f7e5c6ccf42b30bd1c0bc5e43053

  • SHA1

    11ea956b4986b4a8bdb88cc9293e0f2d5304a831

  • SHA256

    82feb89bfeba4b250e7a36163e4c37824b6d755451c86ffcba088052739ca9dc

  • SHA512

    3f574497e33c8306599dd7f453d4ded82f34cd901fd8a35876dcf12918faff4f6f0bca928e50a1416343ff5b6b40ed4df16da3a69d26062ac28bd655c13d78c0

  • SSDEEP

    384:2foCEwCPmtt37GRuSFWLLZk5ImYTE6QmRuptFlBLTIOZw/W2Zvn9Ikn1txOqhXbV:Bmtt3onGHm4Cm0FG9L9OqhXbV

Score
10/10

Malware Config

Extracted

Family

xworm

C2

during-goto.gl.at.ply.gg:45478

Mutex

Ar2R1fYQ4WK2iucp

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • WizClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

