xloader

General

Target

d23ca1a68c0067ad0bd32dda2109c7db
Size

542KB
Sample

211029-kceynachg4
MD5

d23ca1a68c0067ad0bd32dda2109c7db
SHA1

de14528b88027332f2c406f42f23c68cf16ec11e
SHA256

877727126dd647bbd23c00721d01b1bbe752a01f1943f89a35f3ba7c908f1a48
SHA512

6ddf12ab12785b5ea4687e9bcbbfe40f0ad4b916576ead6789ac56f09f6216c352912d2458b17fead6383c0fc572a0a617f15d43c36dfa897ab22155b8f61213

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

pufi

C2

http://www.homestechs.com/pufi/

Decoy

fusiongroupgames.net

hugevari.com

rebeccagriffiths.com

trocaoferta.com

theslashapp.com

codezonesoftware.xyz

sottocommunications.com

minicreators.online

course2millions.com

hfm5n1dhkjqwpe.xyz

xlab-ub.com

silvanaribeirocake.com

thefabinteriordesign.com

mg-leadership.com

petbort.com

ndust.net

203040302.xyz

jakital.com

shophuunghia.info

rednacionaldejuecesrd.net

Targets

- Target
  
  d23ca1a68c0067ad0bd32dda2109c7db
- Size
  
  542KB
- MD5
  
  d23ca1a68c0067ad0bd32dda2109c7db
- SHA1
  
  de14528b88027332f2c406f42f23c68cf16ec11e
- SHA256
  
  877727126dd647bbd23c00721d01b1bbe752a01f1943f89a35f3ba7c908f1a48
- SHA512
  
  6ddf12ab12785b5ea4687e9bcbbfe40f0ad4b916576ead6789ac56f09f6216c352912d2458b17fead6383c0fc572a0a617f15d43c36dfa897ab22155b8f61213
Score

10^/10

xloader pufi loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2