Overview

overview

10

Static

static

10

WizClient.exe

windows7-x64

10

WizClient.exe

windows10-1703-x64

10

WizClient.exe

windows10-2004-x64

10

WizClient.exe

windows11-21h2-x64

10

WizClient.exe

android-10-x64

WizClient.exe

android-11-x64

WizClient.exe

android-13-x64

WizClient.exe

android-9-x86

WizClient.exe

macos-10.15-amd64

4

WizClient.exe

macos-10.15-amd64

4

WizClient.exe

ubuntu-18.04-amd64

WizClient.exe

debian-12-armhf

WizClient.exe

debian-12-mipsel

WizClient.exe

debian-9-mips

Sharing

Copy URL
Twitter E-mail

General

  • Target

    WizClient.exe

  • Size

    146KB

  • MD5

    2664563ff49264df010c8284f46ae8bc

  • SHA1

    237e033dcd7072a4e048850609b606f7ebba17d7

  • SHA256

    4838aca2524cbe0114b82303665870acdb7cc8588209b38183f6c18ba14884a4

  • SHA512

    e8f47c102ac93adc330e12365a86564999cc2425d74d4eb44fc6c87ee23f2c31dcc18115e85908ba978b7c86358d70bb706560c7e9a1ab47dbbe7aaa8cca52ed

  • SSDEEP

    1536:4mtt3jmdPFG9LjOqNzjls3WGkoe6Us89T8r9AtnertLF7:EFG9LjOqFa3v7EskT8rmtIh7

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

C2

le-pencil.gl.at.ply.gg:6703

Mutex

r62QM6kvM0SWghW0

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • WizClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections