Overview

overview

10

Static

static

10

XClient.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    XClient.exe

  • Size

    40KB

  • MD5

    d8a58f155d2e4f3dd34e36f407923ca3

  • SHA1

    5b72578fd9b9e2d1778c88b838b6a43fc9f7faa2

  • SHA256

    2896a88e5c5b3e6be1f9c89aa69bd9e409cbd21a9eef36d381277ca4bfa88fce

  • SHA512

    17557d9117ae99840c5c83b3e047b95d0f969b22b8af45bf8b3a6cc04994336533ab66d29dd699cf6cacc16f55e5c77b3e10e5fc077ece60f761b726bf03e913

  • SSDEEP

    768:a1FTNqOweif3OC2TMdvZJUJKmVkk522nXoLFRP19/ENOQhddPZ2N:CFRqOwff3OtTMJZJUJKmV3g2uFH9/EN2

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

3.1

C2

girl-tries.gl.at.ply.gg:7131

Mutex

2GZHD2vYPnN784m7

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections