General
-
Target
XClient.exe
-
Size
36KB
-
MD5
89cf73fe87b8ca837534d578eaf3697f
-
SHA1
9962ea5ceaa91262e2e556926cace4ca6101ced2
-
SHA256
dd938b0395699ec0ad7d6309c1fab4cfbafb3b170dc3665e77d4de4fdc958aa9
-
SHA512
3e23e57564517c8f07aee268a9ee8087604bd993a9983f36ffbd245c51ff1e39216f2266d5d3cf18baa586fd6f254f59383b087c68726018c2d492284c67000b
-
SSDEEP
768:AMTd+k/0haPBLwp21GxZEQy1Ur7LFyW9f5OjhzPyD:AO+K0hCBUGYTiUrFv9f5Oj9O
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
changes-ancient.gl.at.ply.gg:41666
Mutex
DYn8WA6Sy6Tyti3u
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections