General

  • Target

    XClient.exe

  • Size

    30KB

  • MD5

    4baf89d2e04aecd28896699cd741eb8b

  • SHA1

    b9cee117f1c951a36f4fd5c245eedba8f691ebb9

  • SHA256

    a8355cf1fb6c38594141e6aa42dd2b79abbecfa7261ff5ddb18f592619321c98

  • SHA512

    79b1353292109f5eab8dab4ee21a1d089cb573402596711d4cc9d0b8cbaffa47cc098651b25d7deb670849b81fcf3137bcc09dfc1283c8eb0cc7690c7013da9c

  • SSDEEP

    384:feAwIGmeffcbWICWv/0ILZGPc7g0hYACSqReAw2uRugtFuBLTIOZw/WVnvn9IkV2:Vecbl/b37gMYAoReJ2uBFE9RlOqhlbU

Score
10/10

Malware Config

Extracted

Family

xworm

Version

3.1

C2

127.0.0.1:9999

Mutex

Nc7OYdPkoy3fA3j2

Attributes
  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

