General

  • Target

    XClient.exe

  • Size

    37KB

  • MD5

    6d8d71abc75ed744e539cb3956a64d79

  • SHA1

    d7b822a9d3937b33f9bf194af10b686f00d25c0e

  • SHA256

    9195e804fa2c17c635c41bdb01ae76f0603621d70923e3b807d111fc50bea85c

  • SHA512

    263ff20d0a969f39b729c0cb469ade45c1f2eaf8b0c0520e2b1e8adeee9832d63b9407a1798694f12c8c96ae6e46cf0424d290e5e9beff67a93e8b3cf97f7d86

  • SSDEEP

    768:3Tz26YAWq8Kt1Cy9eTg1bxVzFg9UPO/himE/ZG:3T1YAFdjpc8xFFg9UPO/QzRG

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

19.ip.gl.ply.gg:64493

Mutex

evl50XXc9zAoNqyF

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

