General

  • Target

    XClient.exe

  • Size

    40KB

  • MD5

    2a114e74e5e5edbb1501641070a893ba

  • SHA1

    6a618fb19d4d116930d4d0d9886115ee025b2438

  • SHA256

    3d2b122935f0d5ef5b90aa0461a4c9ccc1855d6ef9eb6441fb7ea788e6e56cad

  • SHA512

    86f2943314b55dd1e708749f896796e729cab9c0a9ec1d2abb57d5d1f4bd5fb336905035d6ff5e1fefefaa319e0ee9a5170249ed0ae5e3ae4682388a043be63b

  • SSDEEP

    768:aFrGIhUKXBeFQOXbAvrSH7tF5Pa9qDROwhZ3/mXL:aueBehrAv6xF49qlOwH+XL

Score
10/10

Malware Config

Extracted

  • Family

    xworm

  • Version

    5.0

  • C2

    chd4y5f.localto.net:7249

  • Mutex

    lAsSWBHDio07or6I

Attributes
  • Install_directory

    %AppData%

  • install_file

    USB.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

