General

  • Target

    XClient.exe

  • Size

    77KB

  • MD5

    2c74bff80f873c27e0ab146d2c8f20af

  • SHA1

    d56ccb566144d88bc1b74422a34bc0460628b267

  • SHA256

    361d494bfa75e1e4716dc0d8d8309a2017ada3e16935bbeebc8513d851b16ad0

  • SHA512

    08acacc830d23ee6dc6408989438aa4ac583e5d226ad4e78474e233770fd99f92f262f00ee2666c76230d4259b8c28f1566f6ba2e28d001fb9e6b347d15ccfc6

  • SSDEEP

    1536:rLRCwntPQa62ZKvtbUff3U3sTC65uOy14XxdcH:g2L6YKvtbQqsTNuOy14MH

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:48534

localhost:48534

domain-vote.gl.at.ply.gg:48534

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

