General

  • Target

    XClient.exe

  • Size

    66KB

  • MD5

    36107f1bc0c419ea2e2937feb18f7592

  • SHA1

    e674ec4c793a32dd5403e29d8605e80ddb421e82

  • SHA256

    6291cdb82c2e29a78ddf62a8663a3d4836ce4283e4d439e0f3666182cf7e3389

  • SHA512

    efb6c2b2fde3db166ba901e620537cb5a11c128258c5ad6ef175fbf1164d9d556e291a9be87411ba2fab2b0c49128877889bb696d672addc211e97b1ce044710

  • SSDEEP

    1536:LReoa34vKNswhy6iUJDVIZrATJxfD4T72wb0gSaQYJaOP4V6+r:Lw54yRhxpBKZIJZwb0Ba/gOP4V7r

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:37139

safe-continuous.gl.at.ply.gg:37139

Attributes
  • Install_directory

    %LocalAppData%

  • install_file

    USB.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

