xworm | XClient[.]exe

General

Target

XClient.exe
Size

40KB
MD5

f3d8b96931d1aa9f0c31f92f2db6c903
SHA1

7aea8c37bb34cadef6ea87630c5b6c525cfad509
SHA256

7ec4beaf8109398c4951d73659beb02b290acc7c1cc9759624aeea2302a9279b
SHA512

2e7bf4813fbdf426115ee2f69523765b83aab30dba9d679adb90dceb040515872ae9ff9739e39e4294580557c542b0e2f21683596e3c6894871f6a484b99e082
SSDEEP

768:rIDwCrxY4mpc9i32v6hCuuJf27ZZfFWPG9/OQ6OOwhujGb8:cDwCFY4gckGwCuuJfKFv9/OQ6OOwoCY

Score

10^/10

xworm

Family

xworm

Version

5.0

C2

10.9.248.138:29647

Mutex

bqj2YDk3d9XilFuu

Attributes

aes.plain

Detect Xworm Payload 1 IoCs

resource	yara_rule
sample	family_xworm

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
XClient.exe