General
-
Target
ba9f76cb8796a69a3cc14cc862778111ae7aa600e0fe7b7b26f4025b2d7af0e7N
-
Size
45KB
-
MD5
3c6cb94f2c484f92934792ad6e3cee70
-
SHA1
db46a9480fecf50d78ca9fd83668b3bdc092a9a6
-
SHA256
ba9f76cb8796a69a3cc14cc862778111ae7aa600e0fe7b7b26f4025b2d7af0e7
-
SHA512
9514a9578fead6079e841e7a465da8a9adae4356aaf69e72a1b649609e267db328268ea96bb2e821ef6a8a589a19456b9d9be013342f106a5ebc1ef781b4150e
-
SSDEEP
768:/UI6ZV/vFJ35CVHpMjRcIIGwLhaoa/dNSjLF+W9Och6BO+hMbVL52Q:8I6ZV/vfwVHujRcUzoaFN8F391h6BO+e
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
185.84.160.88:7000
Mutex
96ucN8WKTuguvCWk
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ba9f76cb8796a69a3cc14cc862778111ae7aa600e0fe7b7b26f4025b2d7af0e7N
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections