General
-
Target
XClient-v0.exe
-
Size
30KB
-
MD5
34e14ac09dd76dfadd06dad74332c52b
-
SHA1
1758499b669b32ed13e66ccf4c19df9648f6d3d4
-
SHA256
2a669fdf94f9ba9c19948f75ef83d4b7c8cbe99455bfaa596454e9f9df5f462d
-
SHA512
bc3ff31828d2f334569cabe5d456af0132c91234d1a6d608299c269a6e3ad47be4d2a9bf0f21600c1515bd472c782c770a0b2082df659d46161ce54f6d7cd811
-
SSDEEP
384:T7wTA+5OfPgEBQqWvfcQLZe3s10hYACSqRN9PD42uRugtFuBLTIOZw/WVnvn9Ik:zrgECfLH1MYAoRN9M2uBFE9R8OqhbbB
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
equipment-insert.gl.at.ply.gg:40451
Mutex
PhCFeAo1HUXUX8go
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient-v0.exe
Password: 1
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections