xloader

General

Target

ae7b3dc7cbc2202855418718b8cc9c3c.exe
Size

426KB
Sample

210919-sfkx3segdn
MD5

ae7b3dc7cbc2202855418718b8cc9c3c
SHA1

cac4bddaa47b50256006da8a4bf2c6bb3528bcc9
SHA256

e94b8626361ef2ef783dbb4c5662c62a2f27f79e7453b0831805a04541e0ac12
SHA512

b95a83e6c0a32b5483aa2eb22116d03b028edb077b8474477689584d4363ed5aca6f2fa4eb2e70698950d0b7260e5d40ee85f21db7f86aba9588e6c4aba9e9f3

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.4

Campaign

uytf

C2

http://www.fasilitatortoefl.com/uytf/

Decoy

estherestates.online

babyballetwigan.com

ignorantrough.xyz

moominmamalog.com

pasticcerialemmi.com

orangstyle.com

oldwaterfordfarm.com

aiiqiuwnsas.com

youindependents.com

runbank.net

phytolipshine.com

almedmedicalcenter.com

czxzsa.com

yummyblockparty.com

gadgetinfo.info

cloudfolderplayer.com

chowding.com

xn--tarzmbu-ufb.com

danielaasab.com

dreampropertiesluxury.com

Targets

- Target
  
  ae7b3dc7cbc2202855418718b8cc9c3c.exe
- Size
  
  426KB
- MD5
  
  ae7b3dc7cbc2202855418718b8cc9c3c
- SHA1
  
  cac4bddaa47b50256006da8a4bf2c6bb3528bcc9
- SHA256
  
  e94b8626361ef2ef783dbb4c5662c62a2f27f79e7453b0831805a04541e0ac12
- SHA512
  
  b95a83e6c0a32b5483aa2eb22116d03b028edb077b8474477689584d4363ed5aca6f2fa4eb2e70698950d0b7260e5d40ee85f21db7f86aba9588e6c4aba9e9f3
Score

10^/10

xloader uytf loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2