General

  • Target

    XClient.exe

  • Size

    35KB

  • MD5

    9483fa381c12df3d997e9a992924a069

  • SHA1

    9289ed3e3e1332f1d074e9cbaaf2459c5d856554

  • SHA256

    657a62a3b5c8b00f807ba687bfde760b5e6c2b4ca25f7cb8fdaff5185c88a1fe

  • SHA512

    82384694372044aa551d8954595122091d6f5e1985b79551107e2567eb8f3b90324c8bb0add3d4f478ef9dcfa084e2990d604a19a056741f382a023a91237ceb

  • SSDEEP

    768:XoHv9ouQGVJhiQfCYzZ4mVFy+9FLbMOjhhOEG:XoHloqJhVa6Z48Ff9FLbMOjc

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

modern-educators.gl.at.ply.gg:23695

Mutex

fu4Hj52wCiuARUCr

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

