4c70d5b1c63a468f7e0aedf64f93ca42

General

Target: 4c70d5b1c63a468f7e0aedf64f93ca42
Size: 1024KB
Sample: 210928-g3sewsagf7
Score: 10/10
MD5: 4c70d5b1c63a468f7e0aedf64f93ca42
SHA1: c248ab00560786b7be23151597d9503a2e84602f
SHA256: 83242a0f42be34e66e502e4a3a45d2470f3b24aef8a1d8484711f4439d7fe74a
SHA512: 2146f98b4f950555333a00668ab6f71ad2a432b12d12cb0c07cc2dc342884f88b491442c84da763b3101ee7ac89e8c08f6552203ba9470401e934191e4858a8c

Malware Config

Extracted

Family: xloader
Version: 2.5
Campaign: mjyv
C2: http://www.simpeltattofor.men/mjyv/

Decoy (domains the sample also contacts so that the real C2 is hidden among them; they are evidence of infection only in combination with the campaign path, so do not turn this list into a blocklist without verifying each entry):

wenyuexuan.com
tropicaldepression.info
healthylifefit.com
reemletenleafy.com
jmrrve.com
mabduh.com
esomvw.com
selfcaresereneneness.com
murdabudz.com
meinemail.online
brandqrcodes.com
live-in-pflege.com
nickrecovery.com
ziototoristorante.com
chatcure.com
corlora.com
localagentlab.com
yogo7.net
krveop.com
heianswer.xyz
idproslot.xyz
anielleharris.com
lebonaharchitects.com
chilestew.com
ventasdecasasylotes.xyz
welcome-sber.store
ahmedintisher.com
pastlinks.com
productprinting.online
babybox.media
volteraenergy.net
chinatowndeliver.com
behiscalm.com
totalselfconfidence.net
single-on-purpose.com
miyonbuilding.com
medicalmanagementinc.info
bellaalubo.com
dubaibiologicdentist.com
jspagnier-graveur.com
deskbk.com
thehauntdepot.com
5fbuy.com
calmingscience.com
luvnecklace.com
noun-bug.com
mysenarai.com
socialmediaplugin.com
livinglovinglincoln.com
vaxfreeschool.com
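
The extracted configuration is most useful as a hunt over proxy or DNS telemetry. The Python below is an added example, not part of the Triage report and not code from Xloader or its analysts. It turns the C2 URL, the campaign token and a subset of the decoy list into indicators and runs them over constructed proxy-log lines in an assumed `timestamp src_ip method url status` layout (adapt the split to your proxy's format). It relies on the documented Formbook/Xloader behaviour of beaconing to the decoy domains on the same `/<campaign>/` path as the real C2: a single decoy domain in the logs means little, but one source hitting that path on several of the listed domains is a strong infection signal whichever domain is currently live.

```python
"""Hunt for Xloader beacons using the config extracted in the report above (added example)."""
import re
from collections import defaultdict
from urllib.parse import urlparse

# Values copied from the report's "Malware Config" section.
C2_URL = "http://www.simpeltattofor.men/mjyv/"
CAMPAIGN = "mjyv"
# Subset of the report's decoy list; extend with the remaining entries in production.
DECOYS = [
    "wenyuexuan.com",
    "tropicaldepression.info",
    "healthylifefit.com",
    "reemletenleafy.com",
    "jmrrve.com",
    "mabduh.com",
]

# Constructed proxy log lines (assumed layout: timestamp src_ip method url status).
LOG_LINES = """\
2021-09-28T10:01:02Z 10.0.0.15 POST http://www.simpeltattofor.men/mjyv/ 200
2021-09-28T10:01:03Z 10.0.0.15 GET http://www.wenyuexuan.com/mjyv/?xq=Qz8 404
2021-09-28T10:01:04Z 10.0.0.15 POST http://www.healthylifefit.com/mjyv/ 302
2021-09-28T10:02:00Z 10.0.0.22 GET http://www.healthylifefit.com/ 200
2021-09-28T10:03:00Z 10.0.0.31 GET http://cdn.example.org/mjyv/ 200
""".splitlines()


def normalise_host(host):
    """Lower-case and drop a leading 'www.' so config entries and log hosts compare equal."""
    host = (host or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def build_indicators(c2_url=C2_URL, decoys=DECOYS, campaign=CAMPAIGN):
    """Split the config into the real C2 host, the decoy hosts and the shared beacon path."""
    parsed = urlparse(c2_url)
    return {
        "c2": {normalise_host(parsed.hostname)},
        "decoy": {normalise_host(d) for d in decoys},
        # Beacons land on /<campaign>/ regardless of which domain is contacted.
        "path_re": re.compile(r"^/" + re.escape(campaign) + r"/"),
    }


def classify(url, ind):
    """Return a verdict string for one URL, or None when nothing in the config matches."""
    parsed = urlparse(url)
    host = normalise_host(parsed.hostname)
    on_campaign_path = bool(ind["path_re"].match(parsed.path))
    if host in ind["c2"] and on_campaign_path:
        return "c2_beacon"
    if host in ind["decoy"] and on_campaign_path:
        return "decoy_beacon"            # infected host talking to a decoy
    if host in ind["decoy"]:
        return "decoy_domain_only"       # plain visit to a decoy site: weak evidence on its own
    if on_campaign_path:
        return "campaign_path_unknown_host"  # same campaign token, domain not in this config
    return None


def scan(lines, ind):
    """Return (timestamp, src_ip, verdict, host) for every log line that matches an indicator."""
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) < 4:
            continue
        ts, src, _method, url = parts[:4]
        verdict = classify(url, ind)
        if verdict:
            hits.append((ts, src, verdict, normalise_host(urlparse(url).hostname)))
    return hits


def suspect_sources(hits, min_domains=2):
    """Sources that hit the campaign path on at least min_domains distinct config domains.

    The spray across real C2 plus decoys is the reliable signal; a single decoy hit is not.
    """
    domains = defaultdict(set)
    for _ts, src, verdict, host in hits:
        if verdict in ("c2_beacon", "decoy_beacon"):
            domains[src].add(host)
    return {src for src, hosts in domains.items() if len(hosts) >= min_domains}


if __name__ == "__main__":
    indicators = build_indicators()
    matches = scan(LOG_LINES, indicators)
    for hit in matches:
        print(*hit)
    print("suspect sources:", sorted(suspect_sources(matches)))
```

In the constructed data only 10.0.0.15 is flagged: it beacons to the real C2 and two decoys on the campaign path. 10.0.0.22 merely browsed a decoy domain, and 10.0.0.31 hit the campaign path on a domain outside this config, which is worth a look (configs rotate domains between samples) but is not asserted as infected by this check alone.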

Targets

Target: 4c70d5b1c63a468f7e0aedf64f93ca42 (the same file as under General; MD5, SHA1, SHA256 and SHA512 are listed there)
Filesize: 1024KB
Score: 10/10

Signatures

  • Xloader
    Xloader is a rebranded version of Formbook malware.

  • Xloader Payload

  • Suspicious use of SetThreadContext
    SetThreadContext rewrites another thread's register state, including its instruction pointer. Outside a debugger it is a common step in process hollowing and thread-hijacking injection, where a suspended thread is redirected into code the malware has written into the target process.

MITRE ATT&CK Matrix

No techniques are listed for this sample (all tactic columns are empty).

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10