General
-
Target
ed83e0889ed251a46197ea2877dc74957a67551f746d64cda4dbd870b883db1d.exe
-
Size
69KB
-
MD5
5d37e31fe1b07076f070f06d7a2cf9fb
-
SHA1
b0731819832701056f1799ee1f52a222fcb93b65
-
SHA256
ed83e0889ed251a46197ea2877dc74957a67551f746d64cda4dbd870b883db1d
-
SHA512
fc7313180542fa84e0e3727f8692a42c4e2e2e10586dc7bd918dbe40450cb525e1b1e3e2043a745da7d5bee60310edcf817a889de38eeae4f815588083dd2d5d
-
SSDEEP
1536:EZjRQtLD7nNd0K1Pz3NmG6kF+b1Wm7bc6JOyTjfhk:GWLD7TPb4G6kF+b1Z7jOyXfhk
Score
10/10
Malware Config
Extracted
Family
xworm
C2
develop-transition.gl.at.ply.gg:40000
Attributes
-
Install_directory
%AppData%
-
install_file
XClient.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ed83e0889ed251a46197ea2877dc74957a67551f746d64cda4dbd870b883db1d.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections