xloader

General

Target

SKM531996544527BT.IMG
Size

1.2MB
Sample

210901-xybrgp2vvs
MD5

f964692f564ac2a92548ae26aef6ac67
SHA1

2509ee44300a675b65a373e9d86f7d37518bbf17
SHA256

9983075bf1dd7a3cde49b353773b4c5d7e07d83f1cfdb2d690546c6295246c3e
SHA512

2cc7789d3976b4729332048c737a58392fa196955c8ac870472e3b082c9de9347e1c7e0d5c779af3e3129d657959d4bcec37b60f9bbad7257f4a09abcee42187

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

p086

C2

http://www.riscology.com/p086/

Decoy

jinshichain.com

worldpettraveler.com

hightecforpc.com

kj97fm.com

streetnewstv.com

webrew.club

wheretogodubai.com

apostapolitica.net

thecafy.com

vinelosangeles.com

gashinc.com

gutitout.net

bvd-invest.com

realtoroutdesk.com

lawnbowlstournaments.net

nobodyisillegal.com

abogadoorihuela.net

sanistela.com

jksecurityworld.com

peppermintproject.com

Targets

- Target
  
  OR81530S.EXE
- Size
  
  636KB
- MD5
  
  af331c3c0907af5282c00443536b22c7
- SHA1
  
  ed908b4ad857a61bc9aa84bf8d53df894ee7bd5d
- SHA256
  
  1013981e9742f0debfe503dcb812e5f87990eecdb7d2857c233652a8a3acafff
- SHA512
  
  f00f1eb4df01061dd1bfec6c6df3e509359aa4a5acea5c91f5b9cd41e4bbf218d46a43b25d00922f86d1bbe99d090622e042cea1ce2184bd75d6f47b14fc7423
Score

10^/10

xloader p086 loader rat suricata
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2