General
-
Target
AllCheats.exe
-
Size
90KB
-
MD5
e70391e7591fcff1a0a0f7d133e4f15f
-
SHA1
78bfe486637892ede60fd692fa24c7aa12eb8583
-
SHA256
17d70defca62eae6022b133c8db97a069c1b8620f2e3b27ece727a0c4be4c79d
-
SHA512
c75b06a8fa75deeb6fa63643cdeb3acac7774c0bbf0defbdb27e75cb42e2fe356a6a62485b2192fd8429815c9ad877cf9e3e48329c3a50e899821dab07f7c597
-
SSDEEP
1536:qymKELEqYUjwj8VHzouKI73yobkBSDLYK6iGvOO5CG0TBdjF:b2XNYaHBbkBSKmOQG0PF
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:8848
localhost:8848
domain-vote.gl.at.ply.gg:8848
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
AllCheats.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections