General

  • Target

    XClient.exe

  • Size

    38KB

  • MD5

    4b20f4440e29043d4134935a2abd5bc3

  • SHA1

    c5b032c7ed98970650b93b1b50a338e527b45536

  • SHA256

    f67665846f933fc5a8fb7d6023da5947fb25bb90131e36954a3082a4f7d2181e

  • SHA512

    68c5d0ba10e65acf5701e4af30bbb97eaf31aad372c2e25db5a06777a51d1ee61961a92dbd65920a61f3d3b039be03a7b3e19fcbad3589ad8dafa430dee5cf4e

  • SSDEEP

    768:3PDWCCqClY9UiX/iBrEvG3GXFyc9Bjhs6OO/h3DEnlo:3PDWPleUgiBr7IF39xy6OO/Ulo

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

16.ip.gl.ply.gg:52773

Mutex

7Mssmcfxx6doPVvo

Attributes
  • Install_directory

    %AppData%

  • install_file

    Gays.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

