General
-
Target
XClient.exe
-
Size
41KB
-
MD5
664fece1cd7cbc07a5228aefc85af248
-
SHA1
7e72d757063062e04338025162b40c19ce767c0d
-
SHA256
7281f967c13bad04ca2f6770cbc890ac3492f69edc74f55620104d81eff83f16
-
SHA512
0f3d26a432149a81ae618258268fafddc3a428fdd834001c0ed4b63a39548d1c5ed5f11a52def9e400cda8db90359c77c6dcdd078a054f6a1de6bbeff37a4739
-
SSDEEP
768:wyIOKKVKWC6+3XvgggzLJF5PG9pmv6vOwhC3Eizk:wzbKVKWLoXvvgpFI9Av6vOwcFg
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
127.0.0.1:343
corporation-ver.gl.at.ply.gg:343
Mutex
7P8sORtQ1slNBT2v
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections