Overview

overview

10

Static

static

10

XClient.exe

windows7-x64

10

XClient.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    XClient.exe

  • Size

    37KB

  • MD5

    a74444f4565c1ac3821700e5363c1422

  • SHA1

    79b7cdec0ae6228cfd59f7d4b2c4e16b5ad612b5

  • SHA256

    22aa8b082af7d4a7401d2bf5aed386cf48c072d1d909d636d367ccdf1a8bd765

  • SHA512

    b4e04791461c5c9fe9dfea777b7e98e29daafd383db318743fa024b04d3604ba78e719e9255ac26ee07996732bbded46a23be0baa90ece8594cafe4d577f1d52

  • SSDEEP

    384:lE2NMUua+vNu/3ZNxASEbljRNhLuqNTYvFrBHBs+iAfApkFCBLTsOZwpGN2v99IB:Sa+vNIFEZTN7NUvBBf3Fv9LRHOBhX9

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

172.29.44.9:3389

Mutex

YHZ42LUDmfRouYyX

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections