Overview

overview

10

Static

static

10

XClient.exe

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    XClient.exe

  • Size

    35KB

  • MD5

    dc5151ef62b15a1ae6940d9d8dd7ec29

  • SHA1

    7844fef611bf8e802d0bf29a1795febe4832a2f4

  • SHA256

    80f9bb2081ffe0c01b9cf76ebaa5842079eeb2fa37d2ca4e89be718e020f1e13

  • SHA512

    10a1c5490d8d881c12822b459a6d3a8c14f06c3a73beacab44a8574bd840bba18ced4495d6887f3bdc084dff187a0694b760246f52cdfd51b2896174b68f7eae

  • SSDEEP

    384:QIplqmEZQiAka9hI4HTGzhgzy0XlySLZLDxy7vHsJQcXT6c58pkFyHBLTIZwgG+S:EdaHTcwJ//h+cVFy79eAOjhqhy4D

Score
10/10
xworm

Malware Config

Extracted

Family

xworm

Version

5.0

C2

93.183.95.210:5557

Mutex

NRRzGTi5ZCFyeFh3

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
    xworm
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections