General

  • Target

    XClienءءءءءءءءءءءءءءءءt.exe

  • Size

    60KB

  • MD5

    7c691970f52e5cb3ff18a9850737e720

  • SHA1

    13f92d24f66e1e2dccafc01a0c18967c2c757785

  • SHA256

    5a71b213f8fc258100ff601b4b567839aa8ddaf72c70e176eb67ba9c10834cdb

  • SHA512

    9fc1b7d74270c9e3bd459a055e3a40fa940a1ce2f28f06fdb4dfece2130e0a04a5e4b2462acb01d2290940ddc386bb69ece9d819cd00680bbdb02669a23a6294

  • SSDEEP

    1536:utAR0HmYQu//OjjNkTbBWgXOFg3Om90W:pB3uTbIX23O40W

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:36125

session-chief.gl.at.ply.gg:36125

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClienءءءءءءءءءءءءءءءءt.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

