General
-
Target
XClient.exe
-
Size
35KB
-
MD5
514ebbee1d411700a881c88ba819b3a5
-
SHA1
1b613a34cf7504f06c2163f082651ecfcaa33513
-
SHA256
40671b3d978501914b8144b23314b955759989eb8035a5752bafe7aaaac90791
-
SHA512
0aff8c4d3670d50f87da2d9a3914e0d688e164a4b17089bb7148e67c5b5409feb825a66e4db3cdbea2fbad5a911e5a85136ed60acbbfd7f701b56cd3bf1077b1
-
SSDEEP
384:YL068R6q5ldqiHnnKoMIR3HLhuXKZLjCH5bQlR/vByu1oX58gtFyeBLTm9gQZwSp:0N2jCgCLFy19rFO/h6ye8E
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
rates-atm.gl.at.ply.gg:16396
Mutex
8ndqXWlyKll5Ffc8
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections