General

  • Target

    XClient.exe

  • Size

    33KB

  • MD5

    350fe139a38c1479f2382fdcfcfb06d3

  • SHA1

    b28bad46664370f74d2e343dc77f8bfa18514590

  • SHA256

    44f58c1d309555439e85874d356edc8be78c62999dfd1133470956eced91660a

  • SHA512

    2a6b0d2b8e06a5b025da4005c1ab94b8067d878bf64a95d9f1e366eb78bc5fc52f5a8ccf9c6f991708ca9d32a2613c9c7e00c6551cc886590a10858b39b7ce58

  • SSDEEP

    384:dE8PQ9Ba+vNuntf98d6ILj7CM42pfL3iB7OxVqWFiRApkFXBLTsOZwpGN2v99Ik+:1Ua+vNohsXn42JiB70SVF49jJOjh3bt

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

0.tcp.ngrok.io:12463

Mutex

3K37Y1CNhFj8D4Wc

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

