xloader

Resubmissions

21-10-2021 12:23

211021-pkfx5sacd7 10

21-10-2021 11:12

211021-na81haabh3 10

Sharing

Copy URL

Twitter E-mail

General

Target

REE20212110575259OCT.lzh
Size

404KB
Sample

211021-na81haabh3
MD5

5db43b8c8a1fea81c63ec85f0899d505
SHA1

f39a98fc1598e574a9f105b9b22b6c33315f2098
SHA256

cc92a5217fc8672312221ff0c7e7e24fc466c94e47bd813545839052f4b71a30
SHA512

c2d14cc5332cef854d427360dc2d89a578704fc6372d066f2cd47e899ff8598b737a1be7cc6cfcf0e2d0441e5aee31eb160195fb9faf159b7be4deb12576fe92

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

gab8

http://www.purodetalle.com/gab8/

Decoy

amateurfeetworship.com

big-food.biz

metaversevolution.com

profecional-pacasmayo.com

royzoom.com

bekindevolution.com

hokozaki.com

waltersswholesale.com

wayfinderacu.com

schnurrgallery.com

babygearrentals.net

imggtoken.club

24x7x366.com

lakiernictwo.info

les-cours.com

dwticket.com

onarollshades.com

ramireztradepartners.com

safarparfums.com

6ngie.info

Targets

- Target
  
  REE20212110575259OCT.exe
- Size
  
  498KB
- MD5
  
  9c00fc940483cff2a0f3f619db16ad54
- SHA1
  
  6f9c746d9cfb4e0bbf829783a82b883f7317b16b
- SHA256
  
  8a54e41751369783c64f56f30133b985933092324e9b2dad025641d23643280c
- SHA512
  
  30451538f9ed65159280a168c711056d7bc0776d0c30f1c82bfa4dfacfe4373c01f503004f1eacc1a690104f99bf7e78c61c5436261c0813508467ff5dd4ff21
Score

10^/10

xloader gab8 loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Deletes itself

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2