General

  • Target

    XClient.exe

  • Size

    80KB

  • MD5

    2549b9c24b00e10d1d1b19ed18abea56

  • SHA1

    71135d2dccd4f4cdcefdd0cf2b59fe7d7fa51897

  • SHA256

    89751d8b2b5ff207f8a7da0605086c675471f47830c29357d42006eb2598262a

  • SHA512

    52c672a7bb9c2b426ad6d4ee201c18fe751836f3b0fd4dea8c76e86c16fb47afe0f1a6443af323ccef6a549eb88af73250c59af9e4000784afb2ca7ca3509afa

  • SSDEEP

    1536:6C1htydn6LwUGd8H0qlKhxGeB9VxgCR939beP8e5Lkkma6R1DTgbi55oOLuXnvKL:6CxicwUU3jvGeBTR19bePvgkmfgYoOCe

Score
10/10

Malware Config

Extracted

Family

xworm

C2

america-depending.gl.at.ply.gg:22525

Attributes
  • Install_directory

    %AppData%

  • install_file

    fix solve.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

