Overview

overview

10

Static

static

Statement ...t..exe

windows7_x64

10

Statement ...t..exe

windows10_x64

10

Resubmissions

27-09-2021 04:14

210927-etnz1affh9 10

15-09-2021 08:47

210915-kpvvmsddbn 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Statement of Acct..exe

  • Size

    521KB

  • Sample

    210927-etnz1affh9

  • MD5

    850ef5cb4d3e3023ab26072a4cc6a25f

  • SHA1

    0947a5b62ad244324971c7863977befaae3d71fd

  • SHA256

    bb7d986712c63235f866f11ebc85ac60c360676e0576a075f16c16f679c31c7b

  • SHA512

    58e8d6ecc2fbae3d85ff390c30bb5e7cff7f392ea2eae7bec8844e25b14b310e6af1a40da3e1d85516b881d1dcad2081a4d65e4da07ac6bbe45fa6a6d4e804a7

Score
10/10
xloadertgndloaderrat

Malware Config

Extracted

Family

xloader

Version

2.4

Campaign

tgnd

C2

http://www.fhuosa.com/tgnd/

Decoy

forever1887.com

zkz889.icu

futuresmanagers.com

salondebelle.biz

ziwomou.site

mobilestoreok.com

codexiveserver.xyz

cloudrail.net

pancakeandwaffle.net

ckbtmg.com

ralphboyer.net

carpenterglobal.solutions

mercoso.com

restoreyourpavers.com

tianyunpd.com

lan-sinoh.xyz

networlink.com

kazisworkshop.com

hempandcan.com

wd255.com

Targets

    • Target

      Statement of Acct..exe

    • Size

      521KB

    • MD5

      850ef5cb4d3e3023ab26072a4cc6a25f

    • SHA1

      0947a5b62ad244324971c7863977befaae3d71fd

    • SHA256

      bb7d986712c63235f866f11ebc85ac60c360676e0576a075f16c16f679c31c7b

    • SHA512

      58e8d6ecc2fbae3d85ff390c30bb5e7cff7f392ea2eae7bec8844e25b14b310e6af1a40da3e1d85516b881d1dcad2081a4d65e4da07ac6bbe45fa6a6d4e804a7

    Score
    10/10
    xloadertgndloaderrat

    • Xloader

      Xloader is a rebranded version of Formbook malware.

      loaderxloader

    • Xloader Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1
T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks