General

  • Target

    XClient.exe

  • Size

    45KB

  • MD5

    251a3a7c87d52e34836b0ff9c32dc81a

  • SHA1

    e074312c07386fda27e904c9d1a1e73b2de8a15c

  • SHA256

    1ecfc67454976bdf26726bad12402afd06b10ec56f42c849d8caa5bb40d45af2

  • SHA512

    2bc3b6a76bfb0af5f77094bc34f1f7b75496d0273c52e0f304e2badf387ac7f6d4eeeca30d08d490ea715c9a275493d15b09b9f3243633b9d84de844e561657d

  • SSDEEP

    768:uabG5pfJFqBb6CoE0RwnuU5rFXNEPg+WByp9bdY5wuI6QhOOKOPm5:uqG5oBDorRwuU5rta0C9b65u6QsORPm5

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

23.ip.gl.ply.gg:51779

Mutex

OkenSiQzShSsAtBp

Attributes
  • Install_directory

    %AppData%

  • install_file

    svchost.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

