General

  • Target

    XClient.exe

  • Size

    70KB

  • MD5

    3f174983fdbcd31a42ea3c4baad099ae

  • SHA1

    a31195f850cdc80c7cf39ab2b9cbd5bfce989323

  • SHA256

    30fdcde501ed1c3ab2399f61572b1736995d920fd2b84443ea9caffa3a63ab13

  • SHA512

    451f5949e9f272dbcdf1554b81aa4a36f1685f57c14fdf3561c8a911a21042f9c65b5b29d272b53d946bc082f71d9332c32cf3209eaa7fcb8609b9daf39b7d52

  • SSDEEP

    1536:KW5VPTvTV63QxWP+QU+h2ItH+bKU+2aYu56itO+7P1TutlrSuUT:KWXb8QxWRBh/H+bKv2a5tOeP1aHk

Score
10/10

Malware Config

Extracted

Family

xworm

C2

daryandercoole-42912.portmap.host:42912

daryandercoole-42912.portmap.host:42912:42912

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

