General

  • Target

    XClient.exe

  • Size

    51KB

  • MD5

    7a3583c53b305c0d6a8e1c951ad65150

  • SHA1

    d3d5cd179ca6e93f71bef3e0df7b0e21b2807829

  • SHA256

    831cc53b4c821673e9cb0565270028834cf03f59f8937a4ff5f795d7bfde4332

  • SHA512

    4824de360fedc2e32298dd0b60cd2677e5484b16d7448b92d42a25a096cfe35afe2080f5fae61b21ce5b544e1798116217e4f9b0c0cae0b0d62a982408031ce2

  • SSDEEP

    768:JbFI45nk2ZTeqMzHuqoBMBolBcws9AhR/8JPIExUbPeJJt0Jn37i25cd80OBh2k2:ZFI45nsqMSqclCAfU+b2Dt0DaOBElF

Score
10/10

Malware Config

Extracted

Family

xworm

C2

45.153.230.56:9392

Attributes
  • Install_directory

    %Public%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

