General

  • Target

    XClient.exe

  • Size

    66KB

  • MD5

    623519d7ad18abcb1df8cdcd3e7a6aa6

  • SHA1

    7ec1cc3d63a65cd9e5ab82c458b84016bf531505

  • SHA256

    4c08702a4d3b1a278aba8d33480e9a26f6042d569baf9e1dfbc603073593ba05

  • SHA512

    04515cf0bceb8e36bb322f3718b11a62cab520c9832e6ad2ba98ae5c98d5ef0acaac66e8f47ba81052643d0286d3eedf645d7d5f842622fcfefe4fbbafeeb114

  • SSDEEP

    1536:xEtB+UTvyQchhT+bFx6+eqHV0i6qLKobOsl5gU8bYGSdU3:eaQ8hT+bF2a4iOMgUyY1g

Score
10/10

Malware Config

Extracted

Family

xworm

C2

19.ip.gl.ply.gg:38173

Attributes
  • Install_directory

    %Userprofile%

  • install_file

    Gorillatag client.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

