General

  • Target

    XClient21.exe

  • Size

    65KB

  • MD5

    1f0562410589065ddf2069df97270eb0

  • SHA1

    8c96e3b03034a206e5fe6146cbfc08c425215a04

  • SHA256

    0bc6914fa7a3303d3a3a3682c17402b1fa5a55f95b9f05b8e01b5cd7b589435f

  • SHA512

    98e3cc133e91a0fb8c7d169abfc53d461fdb654d656cda7ff259fa88f918288f80f0ea4b2e185b861f211ec6b7246a82d3dccb52ba623ebc7ba0565339c5c59d

  • SSDEEP

    1536:hdS7RGHg/yHtTyn/xb1h+bkCtFZ62yInODbOxI9Pm:fSWgKqxb1h+bkGyInODbOxIlm

Score
10/10

Malware Config

Extracted

Family

xworm

C2

teaching-ada.gl.at.ply.gg:30074

Attributes
  • Install_directory

    %Temp%

  • install_file

    svhost.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient21.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.