General
-
Target
XClient.exe
-
Size
32KB
-
MD5
6494a0d74f5f50caec131cc6fa3ac484
-
SHA1
118f01d1c3381502a5f8e3b5f1cbff9fbd83a062
-
SHA256
51a7f4905a1d7ac3d003a1d38979e1ca74995c570516e9e2b409b586bf4b9a9a
-
SHA512
b6eeb445358af55ad98eb0a73ab9e0129d6d55ba88e6bcc3bf0023a7026251d9f6713ceb17cdacea39f52f4c8647b4428164d3a687ab246beaaf5e8bb873e082
-
SSDEEP
384:mlRmhGD91SluSWhnHHxzLmYV3Tm2eaFOYKdRApkFTBLTsOZwpGd2v99IkuisukVQ:GRPD9OQhx/BV3Tw4xKdVFE9j2OjhEbU
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
media-stevens.gl.at.ply.gg:55107
Mutex
beA1rj8u8Yd7Z0jn
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
Password: 123
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections