General

  • Target

    XClient.exe

  • Size

    232KB

  • MD5

    f827e7199fc7d068a8d6f643395eedf8

  • SHA1

    b934b08daee4a3fbd14aec05ecf21033630dc032

  • SHA256

    535a6cfcc7cbe46607b1fb8577e8dd32771eb8e0dc7fb9c0d5621938570ebb3f

  • SHA512

    a855c30c2cd5223af8cfbffc4b10175d2fd92f4917358bd3ba1b5153e533fee9d776f972b3ee18d181e09b0431985832fd7a204b22bbd1b1143c7c7591eb20bf

  • SSDEEP

    3072:FSRS75cbodbENr9fI/O6su8SKfbzxcwg7es6/Vsb8VKTu549oJMfF/H9N3Ky9Nzr:Fzcb6bOvuUhcX7elbKTua9bfF/H9d9n

Score
10/10

Malware Config

Extracted

Family

xworm

C2

expected-fabric.gl.at.ply.gg:23835

Attributes
  • Install_directory

    %Temp%

  • install_file

    discord.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

