General

  • Target

    XClient.exe

  • Size

    43KB

  • MD5

    ec4903b0c74ac7d8ed11b339e19bfde2

  • SHA1

    d856f55f46d4d9e944d5c17af946d25c18a23439

  • SHA256

    a58ffed455cde8e2161f95af2c565cbed2ad6efed272c14b88096f0704ad19ca

  • SHA512

    7074202e81273235005d136dd27809264df1867ffa1818e799c71744fa4d16930dad4629a9557369693b46e55fdb3ebad3d87f538430aa8d166cb617cfc9d9db

  • SSDEEP

    768:iWX1qj4zpgLPgw9okX2jhM6Lc+F+w9O5OR68O+hnbWLV5P:dlq8zpgjgO5X2j3JFP9iy68O+FWbP

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

86.174.162.64:7000

:7000

0x20Be82eDe1D3001d450d10ef6944eC28a0682F4f:1

Mutex

GOwGdXx5fMHhwZ4l

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

