General

  • Target

    XClient.exe

  • Size

    42KB

  • MD5

    bbaa596752e195a7d62e4c5244c0337a

  • SHA1

    96c8f71d69a0c8ca9866fcf4fc971f3ffadc8b63

  • SHA256

    de95c6fe279e5b702fd181833d1ca03839aadf69b57803d36a7aaab7992bf615

  • SHA512

    90e8f79ac48e198a33fb8bc0344e7b2b225d323bc2d8d3ed883e9eb0f7595a3ec114fe723b9196d3c2c2b644eeaab304d8216c517c2e2f8e9d0e4906fcdacec6

  • SSDEEP

    768:CSQ2+WXczcri7qzu/Ylts/zOrNAoFG9yyQO3hYI7:CD2+WMzcM/YTKzOTFG9yPO397

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

10.9.43.134:23057

193.161.193.99:23057

Mutex

kU0Mk0W82hNAEdHL

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

