General
-
Target
XvcClient.exe
-
Size
39KB
-
MD5
8a1f910de42bbdfc2967424952092c93
-
SHA1
c9eb6e94e8f11e023e524eea898c14e1084568ac
-
SHA256
14e1b5a22e7e68cfd1908bc0b7c6c7db1889c9109967bdd8fc06cd01ad3da042
-
SHA512
6c8b01d99e3a8fb4c1e4d671616abe4e523202aba8873ae2eecd92d4a5020330cdb1635344c846b8e8189fd3ecb15f98a2da907a89ab2d1ead5d14dc3af1689f
-
SSDEEP
768:vMi7NoXNEbgnMpOMb9anqNiAvHzFN9pPOphISv4:H7NQObjAnqNiAvTFN9pPOpjv4
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
cities-annex.gl.at.ply.gg:28648
Mutex
ZcxxP7wB83cGDNRX
Attributes
-
Install_directory
%Userprofile%
-
install_file
msconfig.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XvcClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections