General

  • Target

    XClient.exe

  • Size

    36KB

  • MD5

    1e3784e2eb9c27d3ca87b2df1946ab94

  • SHA1

    00fbc74b92b5f705cad087e381d25e3dd0d9d497

  • SHA256

    55c256c6d8ba0ed731f3fcfe5c2f25c0020b92167b1bc84cd286da660a64cce5

  • SHA512

    59e86616084f8466d22f21105ccd1e80f77dbb67f01b6b4e1d3c58dcb4725e7a3f91737e5b98446425b8f3c04782b588f1bca1938168f0069da42dfb7ccef9b0

  • SSDEEP

    768:mHqkN8BIqXDERt8kqlggFyP9Cy9rOjhbb+GhF:mHqPBhXDwpkFk9CytOjoMF

Score
10/10

Malware Config

Extracted

  • Family

    xworm

  • Version

    5.0

  • C2

    lower-fisheries.gl.at.ply.gg:45093

  • Mutex

    EEmB1ngV4VNAwuKL

Attributes
  • install_file

    USB.exe

  • telegram

    https://api.telegram.org/bot6840931665:AAGv7v7rX37B-ecRdyZwX93qMTKObEsmQ5o/sendMessage?chat_id=6840931665

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

