General

  • Target

    XCliente.exe

  • Size

    33KB

  • MD5

    46af754270dd36d49444438d59d3dc03

  • SHA1

    3c7026e503ad99e027c441b386de18ab24417f54

  • SHA256

    6beed422d1b8dd262962ce2b277dfa8d6f852b4572ee818d77173eea1842be4b

  • SHA512

    38d39b06c945cc3690acb463f4fceea44a8bc6d3d5862fdde34ac86e060b06e88969f431029ff83b38f25e3dd616ef64f6e9eca21dbe4d2efdae1577f096a904

  • SSDEEP

    768:zB3hXuukvIi2lahqLeqdXFh9ZaO/hy/E33:93Euo32lahlqtFh9ZaO/kcH

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

Mutex

Gz1k9z3viwF3Mfl2

Attributes
  • Install_directory

    %Public%

  • install_file

    USB.exe

  • pastebin_url

    https://pastebin.com/raw/J09JweeH

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XCliente.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

