xloader

General

Target

58c76c1548bcaf9b010352a14bd15373
Size

350KB
Sample

220112-lzhhqscbhk
MD5

58c76c1548bcaf9b010352a14bd15373
SHA1

93291dd5ca64a3751659f818b95e5c14711e49c8
SHA256

76d73723ac1e30fad92d7f3fdbb0a87c1d8854ad4e7d3d728805a3f26843085c
SHA512

c747cfd7767943e058379236b9e61f630b1dd2f306eb282cbce74b0756f54f26f1bb070796cf8135a40873d46398fa34efa4296d30155212c5336930c224c3a0

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

ef6c

Decoy

gicaredocs.com

govusergroup.com

conversationspit.com

brondairy.com

rjtherealest.com

xn--9m1bq8wgkag3rjvb.com

mylori.net

softandcute.store

ahljsm.com

shacksolid.com

weekendmusecollection.com

gaminghallarna.net

pgonline111.online

44mpt.xyz

ambrandt.com

eddytattoo.com

blendeqes.com

upinmyfeels.com

lacucinadesign.com

docomoau.xyz

Targets

- Target
  
  58c76c1548bcaf9b010352a14bd15373
- Size
  
  350KB
- MD5
  
  58c76c1548bcaf9b010352a14bd15373
- SHA1
  
  93291dd5ca64a3751659f818b95e5c14711e49c8
- SHA256
  
  76d73723ac1e30fad92d7f3fdbb0a87c1d8854ad4e7d3d728805a3f26843085c
- SHA512
  
  c747cfd7767943e058379236b9e61f630b1dd2f306eb282cbce74b0756f54f26f1bb070796cf8135a40873d46398fa34efa4296d30155212c5336930c224c3a0
Score

10^/10

xloader ef6c loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2