General
-
Target
hexxapubclientV2.6.exe
-
Size
41KB
-
MD5
ac19b0d90c0f9b256f5827fa546e2b04
-
SHA1
5200867da0a06753edfeb7c6ad97654999810484
-
SHA256
bf04d64081c4063d9df69e3de50c2a39ee510019fe234931da47ebb555582071
-
SHA512
f8b5e856f2b404ae99e3691d56cefecfb58ecf234b4102fe0f5054b834e38e32e5fca1f834342ccb87133c6d018e68727b8e38cf60e0d5be70e623ffe9f7f427
-
SSDEEP
768:JG2ZOWZ42nxuDGXvgggzLJF5PG9pmN6vOwhE3Eizk:JG2bZ42n0CXvvgpFI9AN6vOwiFg
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
pay-nails.gl.at.ply.gg:60178
Mutex
ZVDh8RUxFwYcigYC
Attributes
-
Install_directory
%AppData%
-
install_file
WindowsSystemDefender.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
hexxapubclientV2.6.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections