General

  • Target

    XClient.exe

  • Size

    40KB

  • MD5

    ca0739ad717887f4bd08afd6cf13cefa

  • SHA1

    40d6dc6d4949a736e769071643e982ac4e84180c

  • SHA256

    5c89914a7cb44e7be901ff40f20d055b6bc9a2e085857adb6d8f39c84fc34c51

  • SHA512

    b8c75110a1665ffe29f4041102f70e63879efe7aab3409d2132013072dd9eb92a93a5b63d30e63540375f11bc026c2d793710294c112305803cf6d371d09c8f4

  • SSDEEP

    768:0U5GByUZcr4AmCAqbYQp+tF5Pu9IWzOMh13/9sH:0sGkMAmjAhyFQ9I+OM7Va

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

maps-having.gl.at.ply.gg:1604

Mutex

GWhNqdvh8iQWIq9G

Attributes
  • Install_directory

    %AppData%

  • install_file

    XClient.exe

aes.plain

Signatures

  • Detect Xworm Payload (1 IoC)
  • Xworm family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

