h.exe

General

Target: h.exe
Size: 164KB
Sample: 211021-pkwctsbbdk
Score: 10/10
MD5: 5a1625b4d218701aee2792942873844c
SHA1: 7c182f2f42a6e0cfa173b984d7af9825d1d22675
SHA256: 521eaf117bcfc62a8ae241f2b625ad3850e686cb11b48b536aa4848f96966d83
SHA512: 59a6c529823426576d01ede431c77ec339a1e0622dc5dd8d7dfad7e6d63b7dded3fb19d51e1aa1119bd26fc5485e4dcb166a8dac2ee6f9d2c0e2753b5fcd4657

Malware Config

Extracted

Family: xloader
Version: 2.5
Campaign: euzn
C2: http://www.heser.net/euzn/
Decoy

Signatures

  • Xloader
    Description: Xloader is a rebranded version of Formbook malware.
  • Xloader Payload
  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation
Tasks

static1: 10/10
behavioral1: 10/10
behavioral2: 10/10