xloader

General

Target

METALIMEX-RFQBYSM-207_SC_offer_kaismiddleeast74567377.7z.exe
Size

309KB
Sample

211006-q9pf9abbh5
MD5

0070ab3e990bd8c6eaca780527718ace
SHA1

8079e31f033b3fe6ecc3bc5647f3d46179536fb5
SHA256

b4dd5b1d79a6d7fb71d62379aec4338a4072a9736e1383d0d1ee185d02e47619
SHA512

87df1fd9152462d6fb0c0a2310e5e9feacd124053c6487f7ae4834266fb4ec3b765f21a0456ee2038ab4546fed5b80bb488645629f5c54a727ebcdca846eb7b4

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

dhua

C2

http://www.segurosramosroman.com/dhua/

Decoy

ketostar.club

icanmakeyoufamous.com

claimygdejection.com

garlicinterestedparent.xyz

bits-clicks.com

030atk.xyz

ballwiegand.com

logs-illumidesk.com

785686.com

flnewsfeed.com

transporteshrj.net

agenciamundodigital.online

bowersllc.com

urchncenw.com

wuauwuaumx.com

littlesportsacademy.com

xn--m3chb3ax0abdta3fwhk.com

prmarketings.com

jiaozhanlianmeng.com

whenisthestore.space

Targets

- Target
  
  METALIMEX-RFQBYSM-207_SC_offer_kaismiddleeast74567377.7z.exe
- Size
  
  309KB
- MD5
  
  0070ab3e990bd8c6eaca780527718ace
- SHA1
  
  8079e31f033b3fe6ecc3bc5647f3d46179536fb5
- SHA256
  
  b4dd5b1d79a6d7fb71d62379aec4338a4072a9736e1383d0d1ee185d02e47619
- SHA512
  
  87df1fd9152462d6fb0c0a2310e5e9feacd124053c6487f7ae4834266fb4ec3b765f21a0456ee2038ab4546fed5b80bb488645629f5c54a727ebcdca846eb7b4
Score

10^/10

xloader dhua loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2