General

  • Target

    XClient.exe

  • Size

    66KB

  • MD5

    ab070f8664f35e9c77d4ab23ea0c4a16

  • SHA1

    56cf8c2e6395ff9aaf39e503e9fee5ab32a64831

  • SHA256

    e42cef3b111bc0783016404bf8f53207b2ad955ee2c127f437fbe96a14f6d71e

  • SHA512

    af5c4985cb8d954387b950ef4a306b354f4bd7e30b6a715763894e8245f82df34dbcd334b95092864be113c15b642f1104f39a325a2934c0a453febae106aa63

  • SSDEEP

    1536:VpFUPjZyHBjyUt0eeuKa9+bq9h2QArOc9nodS1EAd8IIR:VXKjUjyveeuKa9+bq+jrOc9wgEA6IIR

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:46540

147.185.221.22:46540

127.0.0.1:4473:46540

Attributes
  • Install_directory

    %AppData%

  • install_file

    perm.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

