xloader

General

Target

u prilogu je nova narudzba za kupnju.exe
Size

1.0MB
Sample

211206-sa2cwahcd5
MD5

586db006f3320cb9a41a62f7f5a0c4e1
SHA1

3b6f558429e9fe51b191dfbb63bdc7161d95870a
SHA256

af2a8024939f13bee37b6d3a35aa5df93e2a6b11cede4bea19493c4d704b050f
SHA512

aa79f05e68b71cb7cb5ddb9f12ceada09e7433d7733adcde6c20eb1a3695cff22161cb73e8cee0898444e9e1ec9258b2a6ae4e2e780b5ed9849d4a1596cd3d17

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

pvxz

C2

http://www.finetipster.com/pvxz/

Decoy

imt-token.club

abravewayocen.online

shcloudcar.com

mshoppingworld.online

ncgf08.xyz

stuinfo.xyz

wesavetheplanetofficial.com

tourbox.xyz

believeinyourselftraining.com

jsboyat.com

aaeconomy.info

9etmorea.info

purosepeti7.com

goticketly.com

pinkmemorypt.com

mylifewellnesscentre.com

iridina.online

petrestore.online

neema.xyz

novelfooditalia.com

Targets

- Target
  
  u prilogu je nova narudzba za kupnju.exe
- Size
  
  1.0MB
- MD5
  
  586db006f3320cb9a41a62f7f5a0c4e1
- SHA1
  
  3b6f558429e9fe51b191dfbb63bdc7161d95870a
- SHA256
  
  af2a8024939f13bee37b6d3a35aa5df93e2a6b11cede4bea19493c4d704b050f
- SHA512
  
  aa79f05e68b71cb7cb5ddb9f12ceada09e7433d7733adcde6c20eb1a3695cff22161cb73e8cee0898444e9e1ec9258b2a6ae4e2e780b5ed9849d4a1596cd3d17
Score

10^/10

xloader pvxz loader persistence rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Adds Run key to start application

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2