xloader

General

Target

9a11096ec7f7df31e17a49b906ffe6e8.exe
Size

784KB
Sample

220117-lmmlxshce8
MD5

9a11096ec7f7df31e17a49b906ffe6e8
SHA1

3badde24ac2d4dbcf354e6d31d1ecf29af4f0956
SHA256

a1d8420052bbdcaf3d318427bfe57edf5cc330fb14aaa5f4a597fac220c2a6de
SHA512

b8948bbdbcc03612ed5421d849ddcec4f02e5d83267620b8c0aa9e4f3bfc2714ff424bbd5c2876e2f4b317ad15e2db016912541385b191727d78de66fb8a4278

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

pnug

Decoy

natureate.com

ita-pots.website

sucohansmushroom.com

produrielrosen.com

gosystemupdatenow.online

jiskra.art

janwiench.com

norfolkfoodhall.com

iloveaddictss.com

pogozip.com

buyinstapva.com

teardirectionfreedom.xyz

0205168.com

apaixonadosporpugs.online

jawscoinc.com

crafter.quest

wikipedianow.com

radiopuls.net

kendama-co.com

goodstudycanada.com

Targets

- Target
  
  9a11096ec7f7df31e17a49b906ffe6e8.exe
- Size
  
  784KB
- MD5
  
  9a11096ec7f7df31e17a49b906ffe6e8
- SHA1
  
  3badde24ac2d4dbcf354e6d31d1ecf29af4f0956
- SHA256
  
  a1d8420052bbdcaf3d318427bfe57edf5cc330fb14aaa5f4a597fac220c2a6de
- SHA512
  
  b8948bbdbcc03612ed5421d849ddcec4f02e5d83267620b8c0aa9e4f3bfc2714ff424bbd5c2876e2f4b317ad15e2db016912541385b191727d78de66fb8a4278
Score

10^/10

xloader pnug loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2