Extracted

• • Target

    DHL AWB# 4AB19037XXX.pdf.exe

  • Size

    11KB

  • MD5

    690684b6b6a432ef5f8b34b67653d4be

  • SHA1

    34b072cdd785e0be9bf9717707a72c122ebf8e93

  • SHA256

    2ea667119c0aeda764dcb53a2adf480a26985bfc682949d0fb0c02d266342c68

  • SHA512

    b074acee0f6505a1c179af3149bc9146719b0df0bf6f0efa668d611ff388dc36f5cd7ed3c7c8a98317895ef716818ec0c3841ccff96aba0ba5ce8da15c0c6eb5

  Score

  10^/10

  xloadero4umloaderratspywarestealer

  • Xloader

    Xloader is a rebranded version of Formbook malware.

    loaderxloader

  • Xloader Payload

    rat

  • Downloads MZ/PE file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2