General
-
Target
c8edfd1ffcd25a1f8c14e01f6057770162195f9ae5e502bab274569a412c0ebb.exe
-
Size
200KB
-
Sample
240630-br6kgsvelq
-
MD5
c6107dbd486b08126c43455536ca3478
-
SHA1
d665a8a53a8d1025b4e5b302b8233f3dbac4c0b5
-
SHA256
c8edfd1ffcd25a1f8c14e01f6057770162195f9ae5e502bab274569a412c0ebb
-
SHA512
de03e349bb602e371a4c1bc719f3725b4abe11aba794fea429f581415cf5f2f200a19617bbb6187185e082c1128d15023ab8f128c105294389a94224d6f27a5b
-
SSDEEP
3072:xo5a6HFf9FHOj88SKfbzxcwg7es6/Vsb8VKTup49oJMfF/H9N3Ky9NzLng:xotlf9FUhcX7elbKTuq9bfF/H9d9n
Behavioral task
behavioral1
Sample
c8edfd1ffcd25a1f8c14e01f6057770162195f9ae5e502bab274569a412c0ebb.exe
Resource
win7-20240611-en
Malware Config
Extracted
xworm
5.0
modern-educators.gl.at.ply.gg:23695
Lql6KKIPQPafk0YV
-
Install_directory
%AppData%
-
install_file
XClient.exe
Targets
-
-
Target
c8edfd1ffcd25a1f8c14e01f6057770162195f9ae5e502bab274569a412c0ebb.exe
-
Size
200KB
-
MD5
c6107dbd486b08126c43455536ca3478
-
SHA1
d665a8a53a8d1025b4e5b302b8233f3dbac4c0b5
-
SHA256
c8edfd1ffcd25a1f8c14e01f6057770162195f9ae5e502bab274569a412c0ebb
-
SHA512
de03e349bb602e371a4c1bc719f3725b4abe11aba794fea429f581415cf5f2f200a19617bbb6187185e082c1128d15023ab8f128c105294389a94224d6f27a5b
-
SSDEEP
3072:xo5a6HFf9FHOj88SKfbzxcwg7es6/Vsb8VKTup49oJMfF/H9N3Ky9NzLng:xotlf9FUhcX7elbKTuq9bfF/H9d9n
-
Detect Xworm Payload
-
Detects Windows executables referencing non-Windows User-Agents
-
Drops startup file
-