xloader

General

Target

PROFORMA INVOICE_PDF.exe
Size

718KB
Sample

220119-p4mvsshher
MD5

076375a538b587ac4d6297ffc2c8b58c
SHA1

e1b0d3265fa30eb2cf3d207cb550b884963ff475
SHA256

64c7583a94ab474b9cd3509e8ca73eb7a19e70ffc2c4fa4582ccd7fd3f10c5ec
SHA512

8dd8f67a728a13b6c3928dc845213dd0ba0ce31b97f8dedd2c262c72483fc8674a619aa969f4275184de1ad7e1b75aff0fd9bf54a2b622a56e2827ec8c6c912f

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

nt3f

Decoy

tricyclee.com

kxsw999.com

wisteria-pavilion.com

bellaclancy.com

promissioskincare.com

hzy001.xyz

checkouthomehd.com

soladere.com

point4sales.com

socalmafia.com

libertadysarmiento.online

nftthirty.com

digitalgoldcryptostock.net

tulekiloscaird.com

austinfishandchicken.com

wlxxch.com

mgav51.xyz

landbanking.global

saprove.com

babyfaces.skin

Targets

- Target
  
  PROFORMA INVOICE_PDF.exe
- Size
  
  718KB
- MD5
  
  076375a538b587ac4d6297ffc2c8b58c
- SHA1
  
  e1b0d3265fa30eb2cf3d207cb550b884963ff475
- SHA256
  
  64c7583a94ab474b9cd3509e8ca73eb7a19e70ffc2c4fa4582ccd7fd3f10c5ec
- SHA512
  
  8dd8f67a728a13b6c3928dc845213dd0ba0ce31b97f8dedd2c262c72483fc8674a619aa969f4275184de1ad7e1b75aff0fd9bf54a2b622a56e2827ec8c6c912f
Score

10^/10

xloader nt3f loader rat suricata
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Xloader Payload
  rat
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Xloader Payload

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2