General

  • Target

    XClient.exe

  • Size

    30KB

  • MD5

    0984fb8aeec8061bc2b4e3e75e89a933

  • SHA1

    d0263608ecfc5bcea5f24b0a9541a9172b4f6e82

  • SHA256

    71ea1bfa2c808622ebf916cc8937e7addd620a7685a417d7b393608fb784a096

  • SHA512

    fa079e9ad69745fed59c24397bdd4a0c0bb58ecc84331e80f278e517d5733a17b287d2a0adc6657f68f690f45279a4aab9d942b896ea7d66ab1db1fc9bf13363

  • SSDEEP

    768:6ecbl/b37gMYAoRDTY2uBFE9RaOqhDbt:xcx4TY24FE9RaOqN5

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

52.91.10.228:7000

Mutex

WQnPZT3RfOOaKuMs

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

