xloader | 0a7a5f4a91ffb0759dd7e1fe9ddfe419c96e4d881060fc93968f92dd0b2aca8b | Triage

Sharing

General

Target

3fd3f37912e5aa23fceb3877d6ee43c8b102410d4fc90b147aab266972939b07.zip
Size

465KB
Sample

210915-xakgksbbc9
MD5

e88073c9b288839176876172a2010487
SHA1

906408ad46e564b045063c4e1661379e7f46abd2
SHA256

0a7a5f4a91ffb0759dd7e1fe9ddfe419c96e4d881060fc93968f92dd0b2aca8b
SHA512

6f166babd95d45c94966af2da552d8ac6d7ce22dede1a6ea988b1ecfa6d1b1561e08b92518248a1c6b015b600b1aa31fe82c0ea638cea1660d823dc3d1f7b73c

Score

10^/10

xloader b6cu loader rat

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

b6cu

C2

http://www.allfyllofficial.com/b6cu/

Decoy

sxdiyan.com

web0084.com

cpafirmspokane.com

la-bio-geo.com

chacrit.com

stuntfighting.com

rjsworkshop.com

themillennialsfinest.com

thefrontrealestate.com

chairmn.com

best1korea.com

gudssutu.icu

backupchip.net

shrikanthamimports.com

sportrecoverysleeve.com

healthy-shack.com

investperwear.com

intertradeperu.com

resonantonshop.com

greghugheslaw.com

Targets

- Target
  
  3fd3f37912e5aa23fceb3877d6ee43c8b102410d4fc90b147aab266972939b07
- Size
  
  695KB
- MD5
  
  7cd694db75c939ed51f668809c7d9f14
- SHA1
  
  cc26f30730167d1a746a20564d3568376c5b4afa
- SHA256
  
  3fd3f37912e5aa23fceb3877d6ee43c8b102410d4fc90b147aab266972939b07
- SHA512
  
  69e6f521a771f8bfb2c5989db52ec99f19adaf6bc721de6857a2d47660b37bd5f9b786c0b4bf78d4ac82322d26235c13fb444b6590ba6c85ef009758ddeb6fb4
Score

10^/10

xloader b6cu loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xloaderb6culoaderrat

behavioral2

xloaderb6culoaderrat