xloader

General

Target

0e947ac360cb2f49dd978d7b4c4f9d6d.exe
Size

5.3MB
Sample

210430-ntgzp1hy4j
MD5

0e947ac360cb2f49dd978d7b4c4f9d6d
SHA1

f3aed046e7375894884411c3a99c9e9c554fa790
SHA256

572e6066888624b7fa82b7bc17bbe0dc05440b4031cc71fc38f4d67a0571799e
SHA512

3954aa22e97b039870ece0053a2ac3e1d8151068f32442116f4bad1f968c22983beaf3f5365623b6e3cbf299dc792c11897997c957c24c1c258c2993eeaf3552

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

C2

http://www.kabtex.com/akcs/

Decoy

choshmardokaan.com

joint-care02.xyz

marysclues.net

filereq.com

megazila.online

prendre-soin-de-moi.com

xn--bvs066l.com

depressionreduction.com

buysellglobally.com

assetascension.com

sharmleads.com

jaambet.com

schulverwaltung.digital

incisionnetwork.com

protectalaskasballot.com

hellfrost-wow.com

soakedsaints.com

somebodystory.com

purecraft-hemp.com

wseysfgvc.icu

Targets

- Target
  
  0e947ac360cb2f49dd978d7b4c4f9d6d.exe
- Size
  
  5.3MB
- MD5
  
  0e947ac360cb2f49dd978d7b4c4f9d6d
- SHA1
  
  f3aed046e7375894884411c3a99c9e9c554fa790
- SHA256
  
  572e6066888624b7fa82b7bc17bbe0dc05440b4031cc71fc38f4d67a0571799e
- SHA512
  
  3954aa22e97b039870ece0053a2ac3e1d8151068f32442116f4bad1f968c22983beaf3f5365623b6e3cbf299dc792c11897997c957c24c1c258c2993eeaf3552
Score

10^/10

xloader loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2