General

  • Target

    XClient.exe

  • Size

    34KB

  • MD5

    a932f82d72130ce5f0b9c707cfaf3d54

  • SHA1

    522e695756344f6675143f1a5570c4cd729262f9

  • SHA256

    ecbae5e406e660ae27e3e455f9fd2fea53a801639441d4ea45942db3caca7b94

  • SHA512

    a52f2f9053796d49991c297788a76826475f09d58f9bf4e2b396b5fa27119eccb645b58fa9e4b9aa227e3efabb39b20783bc2296212983e711f5ad6aa3ecaeaf

  • SSDEEP

    384:xTxu9qBOae6oK/I7Z9plUzO7LMeIZ9CZpbW3tXe3qXR8pkFXBLTIZwYGzcvw9Ik6:xxuaUJRnpIZ96pbWx9FV9jHVOjhV/4e

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

engineering-thoroughly.gl.at.ply.gg:3030

london-components.gl.at.ply.gg:3030

Mutex

Zh8pgAQ2U6g1kIOK

Attributes
  • Install_directory

    %AppData%

  • install_file

    svchost.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

