General
-
Target
RAT DONT RUN.exe
-
Size
85KB
-
MD5
5cb93f7a545b79510755c6650e3e436d
-
SHA1
48b6db4a2590a2f9a1be846becbe36c2d691d75e
-
SHA256
235831fdb2e28a3ef2daf64665da2a4aa2d2aae57f3cbf3f8c16673cff650ef1
-
SHA512
9b7313f9a26bfc89b9e2e60f266c3c08fa7109d361a505b8ad4bf2a525abfb74e1002dae8ee3809dc719feb29e78455471ce1a8fa210eddd5593157102cdd964
-
SSDEEP
1536:SQPau3cSAj1QAfp+QG53WGSWW7bQc81/x38z6CVr+6wzG8tgOxnLlO/5zPN:vaYcSyx+QG5GPWobQcMxG6CVsaROxnL6
Score
10/10
Malware Config
Extracted
Family
xworm
C2
at-val.gl.at.ply.gg:26391
Attributes
-
Install_directory
%ProgramData%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
RAT DONT RUN.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections