General
Target: Discord Tools.exe
Size: 200KB
Sample: 240629-pxzwsa1apm
MD5: c6107dbd486b08126c43455536ca3478
SHA1: d665a8a53a8d1025b4e5b302b8233f3dbac4c0b5
SHA256: c8edfd1ffcd25a1f8c14e01f6057770162195f9ae5e502bab274569a412c0ebb
SHA512: de03e349bb602e371a4c1bc719f3725b4abe11aba794fea429f581415cf5f2f200a19617bbb6187185e082c1128d15023ab8f128c105294389a94224d6f27a5b
SSDEEP: 3072:xo5a6HFf9FHOj88SKfbzxcwg7es6/Vsb8VKTup49oJMfF/H9N3Ky9NzLng:xotlf9FUhcX7elbKTuq9bfF/H9d9n
Malware Config
Extracted
xworm
5.0
modern-educators.gl.at.ply.gg:23695
Lql6KKIPQPafk0YV
Install_directory: %AppData%
install_file: XClient.exe
Targets
Target: Discord Tools.exe
Detect Xworm Payload
Drops startup file