General

  • Target

    XClient.exe

  • Size

    42KB

  • MD5

    f706e0fe7af5adbc7f6c8dc5d76f01ad

  • SHA1

    5d6612d70c227c72af49771ed2d197a427f413ec

  • SHA256

    abaa271934dad28dddcc5e065d4202b1bdc3ac18df824f4f770caa0bc80f8f2e

  • SHA512

    8ce649ae66f9fa32294ca7d67320034df598d07f5f10d9e6fbe2163f8e3419c3d78400b4c27adf5dd9662ac9da46e85db0955b10311f5fd3d1ea7a109a027d11

  • SSDEEP

    768:nTafJRPSlKImUO2DXFyp9ORM6YOjhAPyVGb:nTKJqI2TF09MM6YOjyJb

Score
10/10

Malware Config

Extracted

Family

xworm

Version

5.0

C2

Idlerkik-51025.portmap.host:51025

Mutex

KUgHFqP88n6895bj

Attributes
  • Install_directory

    %AppData%

  • install_file

    svhost.exe

aes.plain

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • XClient.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
