General
-
Target
XClient.exe
-
Size
37KB
-
MD5
c583068df3c1910d7b02005424fb6c7b
-
SHA1
b991c20edd841a144dc2dbf1faa77e56dd5102ff
-
SHA256
e623486c99dbab73c530a777e6b5e0cd485bfbbf2efe69cabf78404177c6646b
-
SHA512
762ffe97704bab9e8a13473e7542c62d55e279ed3dae61555c29a76e4e62db4e1c4b07dcc2771454c3785f9f81ea913dcfb3293bbcde388d57b15edc7fc7e990
-
SSDEEP
768:Ra1LxMC1Jt3Tw4e1dVFE9jlOjhmbJFpET56:o1Leat3U4epFE9jlOjgFFpETk
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
127.0.0.1:1488
print-inbox.gl.at.ply.gg:30392:1488
Mutex
Bmx4FBT1zLVuz9Mw
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections