General
-
Target
XClient.exe
-
Size
55KB
-
Sample
240825-k73cfayarl
-
MD5
10cd865afb039c396fe4d51d45b06e90
-
SHA1
91de8eb5075f2a7ee1fa3cd39ee8d9e26dbe8546
-
SHA256
5a9678c133518ce71e1b43752d57d604d707c0ac2429839a9dad345ecd7aed16
-
SHA512
472db1787fc76c49f9285fe3a4a4b3859695ea413ac741229e92b0632bbf7ed9a75e540921a0e29308db2d22dcc53f135b85989eef75670452f69921e5fe84ea
-
SSDEEP
1536:NUeOUiiHirUJIVH9N+kLeKkbO+Loy9NaOKJOL:N1iwi+ZKkbO+BNaOKe
Behavioral task
behavioral1
Sample
XClient.exe
Resource
win7-20240704-ja
Behavioral task
behavioral2
Sample
XClient.exe
Resource
win10v2004-20240802-ja
Malware Config
Extracted
xworm
22.ip.gl.ply.gg:7543
-
Install_directory
%AppData%
-
install_file
Soft.exe
Targets
-
-
Target
XClient.exe
-
Score
10/10
-
Detect Xworm Payload
-
Adds Run key to start application
-