General
-
Target
25907f4917410f51edf13db5ea434c2454a3d2b141e62d1b00b49a66a14cc2f3
-
Size
148KB
-
MD5
0753307d2142a071f08d1905fa8e9e80
-
SHA1
ec2334541cc89aea31bfb61c51137d3cdcd206e7
-
SHA256
25907f4917410f51edf13db5ea434c2454a3d2b141e62d1b00b49a66a14cc2f3
-
SHA512
976f5d3e0a7281f400959412c419c7dc0ae86eda9e519317d8885069926f75b439c95b8a12d833b74111c34a368eb4f1a94eecfc3b18c60bae336fcad2d816bf
-
SSDEEP
3072:cF7Ie/vFk9wbO/d04NpVq8BxFRzaqF+o2GQJ7/JzqVfGvM:/S9k9L0gVqwlL
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
103.186.148.113:7000
Mutex
Geg6RY5nGL9Jh38R
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
25907f4917410f51edf13db5ea434c2454a3d2b141e62d1b00b49a66a14cc2f3
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections