General

  • Target

    XClient.exe

  • Size

    35KB

  • MD5

    718088fc6d47b581be990e9e2f9e50b4

  • SHA1

    f5d2bd620be80dcd752e0574767b7a074a1b589d

  • SHA256

    84bec205d61c12948e4c63b6ecb0dbb7ea054283acb7caac94220f5e9f12c25f

  • SHA512

    777843debaea292ea5d93bf59d0edf99d48a8a08e232df6e7dc8e8927373bf3a89809423f25fb7da7a15f207ce543c8924221158dff0762b4d4fa79d883a5b94

  • SSDEEP

    768:skWupV3di9zef/rT6T609yA/155FyK9j96pOjh1yX:skWu7dbT08A/1jF39j96pOjri

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

147.185.221.22:21992

Mutex

oeWKQUtdlBALpS6c

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

