General

  • Target

    XClient.exe

  • Size

    33KB

  • MD5

    69c82b1c20f560932c7acc4321f4faf1

  • SHA1

    0feb0b3a1919e653c11c015de3a3493fcd50b1d6

  • SHA256

    012722a325466d09e8f9e443065f65a196c37d4633b4b2ce90c6110c91ce9bbc

  • SHA512

    5160c85aae3e89d9a875b86e1c71ff261f894aa899b4986628d5fa9503258f6bf901ca72af6c1340066cb5afdab676ade45a65cac645161333dbda583a83c92d

  • SSDEEP

    768:4Ua+vNohsXn42JiB70SVF49jENOjhgbY:3vNohsn4WiR0oF49jIOj28

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:7000

Mutex

eH07Hhmhg9zKWdH2

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

