General

  • Target

    XClient.exe

  • Size

    30KB

  • MD5

    2ff172c27d4560b2d7748e43604a1548

  • SHA1

    3df721a22c529895d9e69556c7edb1325d012839

  • SHA256

    8e7590bbf2418f268469ade41e5fe86d077ad68c42e1e91952294e0878d28b2e

  • SHA512

    4ea3cdd985acf9497d5dc6e50372089dc77aa76bc042a6012c3f1d243eec3a28cd05a4ba7b765439ef182d6425ea244caebbfd5257a0fc920b50966b7ddbc439

  • SSDEEP

    384:zeAwIGmefcZWGl3nxe0XLZJkpJqXlYECwaiU4sbRugtFuBLTIOZw/WVwvn9IkVuH:RHZrtxekwo1YETD9sbBFR9R0OqhrbL

Score
10/10

Malware Config

Extracted

Family

xworm

C2

209.25.141.212:11647

Mutex

n12c22NPNlQPBHL7

Attributes
  • install_file

    AnyDesk.exe

aes.plain

Signatures

  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

