General

  • Target

    XClient.exe

  • Size

    331KB

  • MD5

    ce689b8959050f0c106b17dd02e9b57c

  • SHA1

    922bc2b6bf9342c074fbeab7ed864e9117c3be51

  • SHA256

    1d9e26d41e87e10f1e15da1d62c6843b3cddc7c0924988e4799d576982f7277a

  • SHA512

    502fbdbb367632ab615bc780c06f84349d954568197104eaba6296d4c3670dc8676c302755021b973aa4aab8b685c0de5bb006f492972c7e5799e0562904d642

  • SSDEEP

    1536:oPJJv8QJTYwVx+/m8jb7ILH0XU3vpWFOOEfJKKXRVsFGfFuAYCRAutPsAzAUCBQ:ofTYwVxKjb7Ib0XUf1OEfJFT

Score
10/10

Malware Config

Extracted

Family

xworm

C2

rat234678235481254.ddns.net:4782

<Xwormmm>:1234

Attributes
  • Install_directory

    %AppData%

  • install_file

    Runtime Broker.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

