Overview

overview

10

Static

static

10

XClient.exe

windows7-x64

10

XClient.exe

windows10-2004-x64

10

XClient.exe

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    XClient.exe

  • Size

    34KB

  • MD5

    21fb8644089db75214b6a10961b7997e

  • SHA1

    4b98638053b4fee1813ec52576d2722902400627

  • SHA256

    4fa9980cc7ac04bd3cbf788b74c46ca476264fab83bca4bf47eecca1b495df08

  • SHA512

    58da25a07737c29109ebf1969f305480606dde21a25115c01a85ab0f156f10af980f1a83d65af96e8f192006bc8072396c4eacef7e910729908215a6b8681091

  • SSDEEP

    768:OCRTbSQsoIv+QSkNTcCZ/5G3rFWPk9g9GO9hGRm0s:pVbqoAnbNYCZ8bFD9g9GO9IwF

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.0

C2

ayumi-27013.portmap.host:27013

Mutex

zU8QcaNseDq9eQWJ

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections