General

  • Target

    XClient.exe

  • Size

    34KB

  • MD5

    a40f08f7b63fc30436b2ef7c7f4852b4

  • SHA1

    3d6b80fe9a4ab26cb937458f7c3212bdd9ae2562

  • SHA256

    20f138fc3dfcb6e5f80bc585780919cca02b36ba3aa60b1e378823bf6df32ff9

  • SHA512

    c61c20a6ed83f361bd01d67ff1e508e6e883f6e4fdf3cbf217fff5b042afbe3f5106160cc508bea408345897704d19cc143f59a85878fef1e031cfa5c5874015

  • SSDEEP

    384:mIvnqQOsp+5e+tlerboocLbLUZbYCaCrCHixxdspFAR8pkFTBLTIZwYGzcvw9IkM:82cHmtabCWzA9Fx9juOjha/kE

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

139.180.188.91:7000

Mutex

EDadDV5UdKlVjafg

Attributes
  • Install_directory

    %AppData%

  • install_file

    data33561.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

