xloader

General

Target

VdBEgR6Ku0AvO5q.rar
Size

387KB
Sample

210917-wp7d8agag9
MD5

56daa8132cde748500199df11cb0beb7
SHA1

5f73674e144dcab12fb6bb142e429c85ec2dd7fc
SHA256

e180128a4a262d2762547e6f4cc1044a9a2d56b739e15a4b1994e8c531d37e8f
SHA512

06c825f97ba7e4c3a87964c5a34177888635f363ed03b8abb3dc4ab745381dfce9529036bffe51c321267f3e9be16328c16a5860002c1f285e53a948eda7f03e

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

a0ce

C2

http://www.car-surgeons.com/a0ce/

Decoy

chennaiprintshop.com

criminallawbd.com

www140800.com

southernleaflounge.com

moderngypsydesignlabs.com

bioarmourtech.com

simplyalina.com

picnicdepot.com

peshawarsc.com

innovativecustomcabinetry.com

fzju-ovrzw.xyz

63mews.com

giovannitarga.com

modernofficeaccessories.com

a2zpetcare.net

online-nb.com

brateix.info

bosc.pro

xcarethospitality.com

sedulabs.com

Targets

- Target
  
  VdBEgR6Ku0AvO5q.exe
- Size
  
  466KB
- MD5
  
  e4d86282f355372a50cce689adeb0f44
- SHA1
  
  03686ba548a698a2cbaba4574cfa14dd3bc08dc9
- SHA256
  
  2d3e5844b0aa36f4f7f1b4612f203212f652ed596f7d91797e73521d2a1b10c9
- SHA512
  
  221064a89019a25b6134f0322ca447124854f5c6ec9aede81bf8ffc8d60814eea830804f9117e78118c54fd5a18df43ac45b2eaff7b48d325ec2bb264702ed7d
Score

10^/10

xloader a0ce loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Deletes itself

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2