General
-
Target
XClient.exe
-
Size
73KB
-
MD5
29489bd7b40f8fe8e9f8b5eef2e7934b
-
SHA1
808421866619a366107a592dc4936e4a3fde404e
-
SHA256
ee93b574812d8734c3b5eba01e7521a74010c8817f200781505b1002b789394d
-
SHA512
dcf6ab092887cb0313a9dd8b3c5222e9d22d18d8efd24151627dc3fad56e0f812576ed9434c21853c2cb730412eb76ffb1c18689368e0ab34ba3e6e80287b1d2
-
SSDEEP
1536:d3Qg91AbJLf+HOVvZ6T+bY+j/jDHIkMRytbaZORK0NLTBVhb8:agTA5JC+bYeLXAytbyORVLjhb8
Score
10/10
Malware Config
Extracted
Family
xworm
C2
192.168.29.241:22119
books-royalty.gl.at.ply.gg:22119
Attributes
-
Install_directory
%ProgramData%
-
install_file
USB.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections