General

  • Target

    XClient.exe

  • Size

    41KB

  • MD5

    3c7667b200cc0c0d450a6ef7074ed6b6

  • SHA1

    0cdc419b06782f9711d61bf6d896e334f3543175

  • SHA256

    118770f173796180618b00d2d690a48a03e525b9d29dc391c90e934d5d67730b

  • SHA512

    d855f92193c41ebda5423e3c17a65b17d971ad14703ecf6d377761c00de63c1cbb2eb4c877f0838ac1c37d5cf0769a3222ec5cd1d3a841c6e202d554bf0f8b84

  • SSDEEP

    768:Ud4LOwcmOsGuECAr43MCfJF5Pa9p+a6iOwh53/ubr:UkHcmOFrRr2RF49Ia6iOwPGf

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

127.0.0.1:36335

menu-installations.gl.at.ply.gg:36335

Mutex

1St0vs3TfXCv7j2R

Attributes
  • Install_directory

    %ProgramData%

  • install_file

    check.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

