xworm | XClient[.]exe

General

Target

XClient.exe
Size

172KB
MD5

e2b11b7d99f97bc6eab303a220d23a7f
SHA1

f9c57bcb12309522470ecb4b99e6a082d0093a07
SHA256

751fdf0d29d347f8454a19ae33f50c5904c6a4033cb2be0fd1772b55a0860655
SHA512

449ad8b26c1194d701c01b48307d43eb89fdd7e8f42cf634325d637e0bd456ab1ff325aefdc9b60f17fdbe45541f562990d2251e6b119cf74ebad7864b01f957
SSDEEP

3072:JDgJrpZbm078BeyAOwK8MzFfe295liNgTddwY0JwsR4TbswYqkX5bEdGDOjESHhy:CBbF79yyoH95D

Score

10^/10

xworm

Family

xworm

C2

127.0.0.1:5050

character-acquisitions.gl.at.ply.gg:5050

Attributes

Detect Xworm Payload 1 IoCs

resource	yara_rule
sample	family_xworm

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
XClient.exe