General

  • Target

    XClient.exe

  • Size

    69KB

  • MD5

    48fa37bfdbbae02582c9c42739dc44f5

  • SHA1

    4e017bfab1c984ae34e00c4ce44f57be2341baf2

  • SHA256

    17ad59dfa6de2b427c01c1b03eb02493952a733006055acdeb67703efd27d4ff

  • SHA512

    ca25dcacffd03dcda468dee961b2f8259cb7e4d79231cbb011fea556a22851275947d6244eb6288dfde6291fd65a3d7a5acc01a8ab0b1fcb659a094e4399f62f

  • SSDEEP

    1536:1O/LikbMcOrgKVs+8c+b+zl76uSr6nLyHuOwTiU9JJK:GLTOreC+b+Gk3OhU9Jo

Score
10/10

Malware Config

Extracted

Family

xworm

C2

loss-winners.gl.at.ply.gg:1567

Attributes
  • Install_directory

    %AppData%

  • install_file

    Expensive 3.1.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

