Overview

overview

10

Static

static

dridex

windows10-2004_x64

10

Resubmissions

17-01-2022 09:47

220117-lsbfvahch4 10

17-01-2022 09:46

220117-lrzr2shehk 1

17-01-2022 09:40

220117-lnkhyshcf3 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    10d7529f4fbf887796b8d6110dcf18bc77f9225a8be593235be080caf10b7d74

  • Size

    592KB

  • Sample

    220117-lnkhyshcf3

  • MD5

    f8e05f051c4151136ab7da1002e4c915

  • SHA1

    23bd18eee8c7cdc3fe21ecb778af9a89e855b71e

  • SHA256

    10d7529f4fbf887796b8d6110dcf18bc77f9225a8be593235be080caf10b7d74

  • SHA512

    427a04103a5fbede6f2ebe2e5e82a5fc4790b5108ac9bb165f96cc04871d655ca12a92d2bbaea13491a56e76122aa0412595613560e392fa1a7365c81e829463

Score
10/10
xloaderpnugloaderrat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

pnug

Decoy

natureate.com

ita-pots.website

sucohansmushroom.com

produrielrosen.com

gosystemupdatenow.online

jiskra.art

janwiench.com

norfolkfoodhall.com

iloveaddictss.com

pogozip.com

buyinstapva.com

teardirectionfreedom.xyz

0205168.com

apaixonadosporpugs.online

jawscoinc.com

crafter.quest

wikipedianow.com

radiopuls.net

kendama-co.com

goodstudycanada.com

Targets

    • Target

      10d7529f4fbf887796b8d6110dcf18bc77f9225a8be593235be080caf10b7d74

    • Size

      592KB

    • MD5

      f8e05f051c4151136ab7da1002e4c915

    • SHA1

      23bd18eee8c7cdc3fe21ecb778af9a89e855b71e

    • SHA256

      10d7529f4fbf887796b8d6110dcf18bc77f9225a8be593235be080caf10b7d74

    • SHA512

      427a04103a5fbede6f2ebe2e5e82a5fc4790b5108ac9bb165f96cc04871d655ca12a92d2bbaea13491a56e76122aa0412595613560e392fa1a7365c81e829463

    Score
    10/10
    xloaderpnugloaderrat

    • Xloader

      Xloader is a rebranded version of Formbook malware.

      loaderxloader

    • Xloader Payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks