General
-
Target
XClientreaalu.exe
-
Size
83KB
-
MD5
603b9376e45cf1ab5c3b534322d992cb
-
SHA1
1ef66bf4556f7ab9097fef444bc58cba086c33a7
-
SHA256
3265a73d34fd0322dd6589dd7e68577eb94ee60fe5c1af0525a99fea2acf0c57
-
SHA512
835d4646636b48052645bb7d3eda9eb1a44e17810ed3d47b2f960680f19c331cdf00448c3f177f80cb30e2a8ce4e951dbeefe930ad6994f622ffefe24b772d4f
-
SSDEEP
1536:YD/NX0TcW+X/s0gLZcFxyJE6xp35+bp/ilpSBt6OVOM2ZwHL/N:YZWIsVLk+VX+bRiQxOHwDN
Score
10/10
Malware Config
Extracted
Family
xworm
C2
likely-necessity.gl.joinmc.link:30725
21.ip.gl.ply.gg:30725
Attributes
-
Install_directory
%Temp%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClientreaalu.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections