General
-
Target
xclient.exe
-
Size
45KB
-
MD5
e69ef8f0a3871d18e270fbcd5401dda1
-
SHA1
07efe1ecf83a2dc9a267734d2d514286e62355f2
-
SHA256
94b4cfcdf07caa2e8675caf46180753385cf32ef6a35101e157baf37a31265b5
-
SHA512
cc9e93cd46e102f20c51e37dd4a11c184b11683f78a2868c30adda26b94a86c922bb992373630e9117881d4e5656aeea364a7e6d502475832c954a9646f40bfd
-
SSDEEP
768:VurlDweV3OOVbADM9W1v9NfgkBpuAuREcNcFhlVvD4xeVhKfkgLbFEPa9pv9656M:VADweQKADMkV9GkSAcRaPlZrOD/FJ9NG
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
map-casio.gl.at.ply.gg:7777
Mutex
b32hkSTFWuq9ZKpj
Attributes
-
Install_directory
%Public%
-
install_file
XClient.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
xclient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections