General

  • Target

    XClient1.exe

  • Size

    83KB

  • MD5

    c30b5906b1aa0c111866d3543d2b400b

  • SHA1

    d2a0b0653a00389d77473cf15da11b88645d13dd

  • SHA256

    1c52585d170bbd35b91eda1773d668e13d864d88622dce45032fd84ed4e7e8e4

  • SHA512

    27292d32d1e334f642a3d634c55add20c0a7137d0c05cb923b9da69df7c80200764bcb0d07a0171fa201ef84b359255e9716a121bff133bcef5fb3738febd2d4

  • SSDEEP

    1536:wysYCFZj2Fyg9xJhxnFb+fpertJ9Wlpr7bE6ylrIqRktj6uJOGA7cdcx:JYZQxFaYrtbk7bE6y5IlOGA7Dx

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:8848

domain-vote.gl.at.ply.gg:8848

gl.at.plt.gg:8848

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient1.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

