General
-
Target
WizClientV1.exe
-
Size
67KB
-
MD5
22d9d5268a2c479308e1a16caccff8c5
-
SHA1
3a1705a221d0ecaca0d7bf47fbb66573258ec6ef
-
SHA256
8461db9669f9cfc5cf8edb928ea1e91311682c8937caf731f1d4d8e82bcf44a4
-
SHA512
6ec02f1570d00c74667e6c2633ebd68a581b5d835ddf58ff9cd2ad810bec9f42743945ac5f1153422dc8f0e0cbc894100b52ce2fb8e38b7ccee578f23abcdbfa
-
SSDEEP
768:IQMO+uzo+ZgHFdDsg6TxbNknzcY6RDmIsYU4WsXGccbCbbMXsQmw5S/dGqc6a0OB:WL76TtgSmJrQbbMdmg4S6dObd+sSaoM
Score
10/10
Malware Config
Extracted
Family
xworm
C2
distribution-between.gl.at.ply.gg:64197
Attributes
-
Install_directory
%ProgramData%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
WizClientV1.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections