General

  • Target

    ZeroClient.exe

  • Size

    47KB

  • MD5

    443c817060a489b4a2202edbe5f60d78

  • SHA1

    285843bbd5bda2194ab8260d13ff3cb9f5199466

  • SHA256

    4bbdba54e948670b8f19abb6d79092bbbe48b3c05f93e2471ccd19cc6e63951d

  • SHA512

    2e224d2489aa6f27897603c05b8b8b7133181434a42c717ffb79454d948311c0fcfb9486928b6ac13a8370b32cc61a0be2693f40e7b3d41900f83df922584480

  • SSDEEP

    768:LcAq7n/FvPHa/TKD+M7V0rJ2CPtS60Lr9JMPPQhLOY1Y/4:y7n/xvpKMhjQS66r9Jb1O//4

Score
10/10

Malware Config

Extracted

Family

xworm

Version

2.2

C2

paris-itself.gl.at.ply.gg:49485

Mutex

ar0HNolybJcQu9JA

Attributes
  • install_file

    Taskmgr.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • ZeroClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

