muestras de productos.exe

General

Target: muestras de productos.exe
Size: 927KB
Sample: 210722-12wwz7j6jj
Score: 10/10
MD5: 0f346a68db9aa51d88cc26ed28920b51
SHA1: 6013587a5e74bc0a6314f6491138937392911ed0
SHA256: a7ad626a9a14d2e0bbf3c43954a8c9497b69e8c8b27fbdfc7d6fdf699613a6bc
SHA512: c7b00ac68416c445ac55a3893e03a268a746ef3bf49be1baddb69057d09209ebdaac3cd251d000ed2dbc847b00b0b4c672241cc1e225b069b3ac76565cd6b5f6

Malware Config

Extracted

Family: xloader
Version: 2.3
C2: http://www.recareerrecruiter.com/w56m/

Decoy
Targets
Signatures

  • Xloader
    Description: Xloader is a rebranded version of Formbook malware.
  • Xloader Payload
  • Suspicious use of SetThreadContext

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10