xloader

General

Target

b911af1e5d84afbe42050f97cef3573b
Size

856KB
Sample

210819-jd9jf4rx9j
MD5

b911af1e5d84afbe42050f97cef3573b
SHA1

706a40efe57a6351736054e3758de58573465a95
SHA256

b40312b973ddb1ec411375991f52c6d19204e650d90507445782aaa05bc02e46
SHA512

7effa2081a2e6e04fdee3d4696944a5d2bb80a16e8e2d173c173c80958e4ab69a9a9c52e8bcbb587a358ef6836569e298167acd9b05c4f0cedcdd31b6cdf440d

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

ahdu

C2

http://www.casinoregio.com/ahdu/

Decoy

premiumfreebie.com

spintheblackestcircles.com

okaidoku-shop.net

zonaseguradregistropremios.com

wzocflfow.com

maanyah.com

warrioredjuan.com

uniquelypizza.com

wondertreehr.com

ddriiverzautozs.com

mattenterline.com

urenium.com

salonjedibreakthrough.com

imgkurd.com

pierrejacqueslyon.com

quimicasurandina.com

jkpfukgmt.icu

ansariclinic.com

ashleysema.design

arkadiafoliage.com

Targets

- Target
  
  b911af1e5d84afbe42050f97cef3573b
- Size
  
  856KB
- MD5
  
  b911af1e5d84afbe42050f97cef3573b
- SHA1
  
  706a40efe57a6351736054e3758de58573465a95
- SHA256
  
  b40312b973ddb1ec411375991f52c6d19204e650d90507445782aaa05bc02e46
- SHA512
  
  7effa2081a2e6e04fdee3d4696944a5d2bb80a16e8e2d173c173c80958e4ab69a9a9c52e8bcbb587a358ef6836569e298167acd9b05c4f0cedcdd31b6cdf440d
Score

10^/10

xloader ahdu loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2