General
-
Target
XClient.exe
-
Size
32KB
-
MD5
ffa8736c590bcd66249a0149972620cc
-
SHA1
044482a4df41ef7de66986157ee04353398c4940
-
SHA256
d65a06127d078065b2f3a604f465fd5ad9f7b7ad37c4a2e78c2a494b08602193
-
SHA512
4db7dc1400eb5cf9ebf566c0de77c41cc65bb93adf2a98ae99e0b03d113b0a7bc4124b0ff1ee922fee9347983f571a976078b749d29450bf8cddf05b85d39c13
-
SSDEEP
768:ARPD9OQhx/BV3Tw4e1dVFE9jpF/Ojhcbj:Ad9OW/V3U4epFE9jvOjS3
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
added-cups.gl.at.ply.gg:665
Mutex
6tF3oP221nesxBQG
Attributes
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections