General
-
Target
XClient.exe
-
Size
34KB
-
MD5
0e2d8453d25e0c10c837df17cee92794
-
SHA1
6e4f980c7a4813e385ac01b005b9eb7bb3a63267
-
SHA256
010c25e723fef619badbc922d34d0349b80d0686a7e7b34192bea76f28950ed4
-
SHA512
3bd1a07990765ddbf58692b031568630408f3a52576e029780e5d7231e19caada5dc5a571cd47479ede0d1c0c08c37bdc2a5deedf8f28d5b78350e9da00c5fff
-
SSDEEP
768:P8rdXxt2EkNFdG1U3Fyc9qXC6EOjhdyve:Pu0FdGCFh9qXC6EOjp
Score
10/10
Malware Config
Extracted
Family
xworm
Version
3.1
C2
japanese-cross.gl.at.ply.gg:16828
Mutex
dKjXiw0bskOKO6JU
Attributes
-
Install_directory
%AppData%
-
install_file
USB.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
XClient.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections