General

  • Target

    EvilClient.exe

  • Size

    46KB

  • MD5

    c5bbafeed8c3ca1d344f6327f81ff0b0

  • SHA1

    df31199e44cb4ab43c1bb5fb4a27cf26fb281d1d

  • SHA256

    2ec532f9116e03a7a994ec180a9419914061ae1fdde20416674567e3552d03b8

  • SHA512

    9acb3c6dff7c417edd32282125b288d1980405a440f4f9b5d6e1ce6b08cf97f9acc0a7f224bb92ffbac74cc8cb559084b8244babddcedcc0b52eeb0f4fbc5d43

  • SSDEEP

    768:gWbYAMICLOBuTJLksJOhS0QCLh3xLPQhLOQ1Z2p4i:gWNIlL6Sjkh3i1Oy2p4i

Score
10/10

Malware Config

Extracted

Family

xworm

Version

2.2

C2

florida-steam.gl.at.ply.gg:9260:9206

Mutex

TyOCTqsZi5CeEQsD

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • EvilClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

