1db39e128ada4c68357664c1b44c0e84.exe

General

Target: 1db39e128ada4c68357664c1b44c0e84.exe
Size: 624KB
Sample: 210408-sxsq6mfeps
Score: 10/10
MD5: 1db39e128ada4c68357664c1b44c0e84
SHA1: a3201ab63b7c34c0f19cb92c8aaf7c45a8d5ce07
SHA256: 2fa1b077d0c0a2f292e166dd47f72ca444ceac3c43a1936b4f9a03d7c34d032a
SHA512: 306c7c501c88383be3f2f2acf1215ec68fe209ddf1946ca6a70b05ba5e56c06890cb722489794ba95f7c377be5e4261f8dc4ad9d3917f4a4955fb2f7ae537522

Malware Config (extracted)

Family: xloader
Version: 2.3
C2: http://www.frontierglasseastaurora.com/g050/
Decoy domains:

Signatures

  • Xloader: Xloader is a rebranded version of Formbook malware.
  • Xloader Payload
  • Suspicious use of SetThreadContext

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10