91523f8d438585534d9466432cc4665d.exe

General
Target: 91523f8d438585534d9466432cc4665d.exe
Size: 201KB
Sample: 210408-4rzvmbrt36
Score: 10/10
MD5: 91523f8d438585534d9466432cc4665d
SHA1: e34b69f0ded056eca7dd43b8f5be2edf7198c211
SHA256: b5e3426a888ddb5751f9802093f1bd10ec696b2994bee03b99b7ba2b4f21a57d
SHA512: e8035c994acd9e46738b87eae25248df1548f8782d7475b4e9d362b68362ce62962780e46be0e054b9645d1be4e1eea8c93096f8e90bcb179040b5014eeec77b

Malware Config (extracted)
Family: xloader
Version: 2.3
C2: http://www.simplyhealrhcareplans.com/sqra/

Decoy

Targets
Target: 91523f8d438585534d9466432cc4665d.exe
Signatures
  • Xloader
    Description: Xloader is a rebranded version of Formbook malware.
  • Xloader Payload
  • Loads dropped DLL
  • Suspicious use of SetThreadContext

Tasks
static1: 1/10
behavioral1: 10/10
behavioral2: 10/10