General
-
Target
для дискорда подцветка.exe
-
Size
74KB
-
MD5
1fff6319630c8840455856ccfc3fab6b
-
SHA1
8d23d47c005cb8e59da31d6f5ceacdafda3a2ea3
-
SHA256
f58fa175e86798fe2448f5505e6593f4970d584cb6a59c2e35ae3508053f99b5
-
SHA512
32dcf2abef8f015bf9b8dbbbfdeddab47aef4ef062c6e812e83f6e363a701bc2296727f7971c7eebd4cce2023d14f092612ba6a4eaa8c40d0ad841e9d860943b
-
SSDEEP
1536:ZRhuDQx5Y55vNUWmjS9HnxbZgQz6vOcb9XjIdhd:jwsq5v+WNFnxbZmOcbFjqd
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:8848
localhost:8848
domain-vote.gl.at.ply.gg:8848
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
для дискорда подцветка.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections