xloader

Resubmissions

11-01-2022 04:01

220111-ell6fafcaj 10

11-01-2022 03:55

220111-egyzfaehd2 10

Sharing

Copy URL

Twitter E-mail

General

Target

538b16e9cf0d0c6e8ab57ccbf7cc8457164615fb47cdf2e17278a635a9de36c7.zip
Size

555KB
Sample

220111-ell6fafcaj
MD5

8914ac9579a77c019d18ad52bc8bc689
SHA1

49a2d12ea6aa96ff7806b57351ebc4239d0505bf
SHA256

68d833bbc98fa8c14cab1c22f458f0ec7a971b908365767514a8e2c1e3504f2f
SHA512

3de5ce15daf51da831397dd903cb021375e038389ed15ecbef648bdbf4c2e4133ac71acb81901dc8059634745b6ac5764f9b17f80882abe8bc6d4de052b34223

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

ef6c

Decoy

gicaredocs.com

govusergroup.com

conversationspit.com

brondairy.com

rjtherealest.com

xn--9m1bq8wgkag3rjvb.com

mylori.net

softandcute.store

ahljsm.com

shacksolid.com

weekendmusecollection.com

gaminghallarna.net

pgonline111.online

44mpt.xyz

ambrandt.com

eddytattoo.com

blendeqes.com

upinmyfeels.com

lacucinadesign.com

docomoau.xyz

Targets

- Target
  
  538b16e9cf0d0c6e8ab57ccbf7cc8457164615fb47cdf2e17278a635a9de36c7
- Size
  
  715KB
- MD5
  
  f444b6e1dfea126b54556aa8b3321f9a
- SHA1
  
  7c318d0d03dc5ad399b5fe764c1cbb132faf6c1b
- SHA256
  
  538b16e9cf0d0c6e8ab57ccbf7cc8457164615fb47cdf2e17278a635a9de36c7
- SHA512
  
  08ef03f4fd192cbfb0d322c3ba4f71940322f7fea7c477e67d53387cb6d321561d76462c8b6812f3627524d05bdaf89a14afd51b2fd5d02de2f0299cd1507d81
Score

10^/10

xloader ef6c loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2