General
-
Target
XClient.exe
-
Size
39KB
-
MD5
c35b61288dc072b97df216cf6d952b58
-
SHA1
2aa58e6218076a841cf799e2349acbef95027aa7
-
SHA256
a167fff6aa47413ffa90cbddf84825c771c818e7246be7b98dfc149d275df97c
-
SHA512
d5ba40e89c0d991f2e42c8d33db0a95d03b217a4b13935be3ad4cb9a920cfb6bafdf12637fd00f2f9e7b8bd1f90dbe0c45a1b77430e5f75bdff077b3c0ef8188
-
SSDEEP
768:BOidfDbf8P+E6Ay0F5Ph9hgw6FOwhfICFTcJ:IsfD4WEjFD9Gw6FOwuMS
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.0
C2
updates-full.gl.at.ply.gg:60075
Mutex
q2BDQq4A43BX5hLP
Attributes
-
Install_directory
%LocalAppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections