General

  • Target

    11XClient.exe

  • Size

    39KB

  • MD5

    296a700a8f29a25171ba2178e75ec360

  • SHA1

    9be9efc16e69b069122aadccc84771c8102f4e84

  • SHA256

    56cdb12de6a7c58f2c6a11c3cac753cdea860ce37c8ff08c172d8151c29f6bdc

  • SHA512

    47028edbd49bdcbaee1923a5e5b91532b94c7b2598275dedf9539bbf134ee70eceec36fed233e982e21b622a5a07e54d534444de89c69a7460c7237fa79f66d2

  • SSDEEP

    768:LpbQys8WnicWVfT0qW5DjkNpnCQQ7FWPa9nEAOwhBaO8Q:LxY8WniZVfQR5/Fv9nJOw7T8Q

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

jenoks-52356.portmap.host:3675

Mutex

osXgwikr6yf5nRvn

Attributes
  • Install_directory

    %AppData%

  • install_file

    winconfig.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 11XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

