General

  • Target

    XClient2.exe

  • Size

    130KB

  • MD5

    3d19ebda9a2faab55e11ad2f3ca74ab5

  • SHA1

    64b8635a76c32e60274d75360b018c9136b02caa

  • SHA256

    0cfd58bf7f8020056e944d3624accd724c181207c38aab0ec0ba92ecc8abab4f

  • SHA512

    0acfdb092f25cf6cefec2f9d301d0a03dac95fd23465ebb815b750372cb660751f2c3138fbcac3c9134d0052897e9e5caf85635ac24437a012ef2f9eeacb4a86

  • SSDEEP

    3072:K1m4unF49jgOjVBz65/M6If+3Js+3JFkKeTnG:ZPF49nxBt25

Score
10/10

Malware Config

Extracted

  • Family

    xworm

  • Version

    5.0

  • C2

    127.0.0.1:39421

    inside-addition.gl.at.ply.gg:39421

  • Mutex

    CzlDb72aYb7wwU9a

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient2.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

