General
-
Target
1f002be3e2c89853aab023bcfac564bf6a2f0fe4d3ff936444594964413b6fba.exe
-
Size
170KB
-
MD5
a805c895c507a30f12e39e04f55a7bf1
-
SHA1
1871cc40e2c48397f54d96d6be8fe07c0b615fa1
-
SHA256
1f002be3e2c89853aab023bcfac564bf6a2f0fe4d3ff936444594964413b6fba
-
SHA512
5b1b85a835c0d2f5253e2d421541344b1798365a8f25131f73b12df578958b257ab89d602ebff8974750dd76cf2fe5195ef9da6f7f017f180927f771121c02e1
-
SSDEEP
3072:T7FTPCDwNXHwR8bOH9yE8OB7SnFTM+lmsolAIrRuw+mqv9j1MWLQM:T7FTaDwRk8b09N/7S4+lDAA
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:1234
143.198.208.124:1234
Attributes
-
Install_directory
%Temp%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1f002be3e2c89853aab023bcfac564bf6a2f0fe4d3ff936444594964413b6fba.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections