General

  • Target

    XClient.exe

  • Size

    34KB

  • MD5

    5d2dc323b2b42d95197f9db5e2b77912

  • SHA1

    db41504c19518acc4bf43ce906deb48e4ade9472

  • SHA256

    493accef901cc94448ba8a6668245ef1aa310646901816a091009e5ecd01a90d

  • SHA512

    a56e09cb10afccffe33ce8e0d186b7408ecbd738c2568169fc1b77b884b3290559fda4875033b3a12a62ef9a725895e3e8bfe1333e7edb7cf8a4dc7ffc108132

  • SSDEEP

    384:Axfk5iqq97LvJ7+iIZ+WmLdMCzqaKI4enRzpkFTBLT0OZwEJN2v99Ikuisot1YlP:YTHWidvzqe4SwFE9jvt1jOjhUnbC

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

sites-sing.gl.at.ply.gg:61490

Mutex

j8qQaTgZ3VgXKmrY

Attributes
  • install_file

    USB.exe

  • telegram

    https://api.telegram.org/bot6824305225:AAEM-SYsWZxYMSCmD8o1Ho_qWopdrlEMtmU/sendMessage?chat_id=1834888642

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

