General

  • Target

    XClientexe.exe

  • Size

    58KB

  • MD5

    a5fbb5f66b31de92d6556ea3d4009bed

  • SHA1

    f0200f6c93b2d80957a23f48c0a0a1834ce5cee3

  • SHA256

    037d0d8fa46575fd00ccd423eebc693a25180304877edc6da6460134a00df82f

  • SHA512

    689e03a6112c529b84ef5c786a9036ca0761e79f2bcac3e900f529db21e83cc50d51176474bcffd38c35efaff6ab07e088870a39069def8f45c56b506e6107b5

  • SSDEEP

    1536:k2OgqpRtx/leKi0bi0zEvjvsBb3q72gVTktlu6xOZcRo:kwqV5piWgLEBb3ufktlxOZ6o

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

23543254365-58443.portmap.host:58443

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload (1 IoCs)
  • Xworm family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • XClientexe.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

