xloader

General

Target

SWIFT Copy00323012022PDF.gz.zip
Size

46KB
Sample

220124-plq5haefb5
MD5

1eb0477e5c7870fd2a0d92b7b3737b85
SHA1

0b516db5d16481e2137c64015599719fa1f9f28c
SHA256

4c68b14580c8ffca6f3a30f4e5cd967777d57d2b83311609d9bb515b36e88d6f
SHA512

3faab16858ef52d26a75cc06ca4e23b1140ecb74d64a1690517e0da35943d4e610bac5794102e0ee3e6c3b6a35eb18422e73a9442559c05502677c29d2263126

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

be4o

Decoy

neonewway.club

kuanghong.club

7bkj.com

ooo-club.com

kamchatka-agency.com

sjsndtvitzru.mobi

noireimpactcollective.net

justbe-event.com

easypeasy.community

southcoast.glass

janhenningsen.com

jmxyjj.com

tarihibilet.com

nagradi7.com

percentrostered.net

certvaxid.com

kingseafoodsydney.com

blacksheepwalk.com

waktuk.com

inteligenciaenrefrigeracion.com

Targets

- Target
  
  SWIFT Copy00323012022PDF.exe
- Size
  
  79KB
- MD5
  
  9a1b5e42a5855fd3240a9c33346d07ca
- SHA1
  
  228b3fde2e6e7a31a940931d08df2a4ed1e5d7e3
- SHA256
  
  fbfcc39fb2e03d204a83cb9dceaa90e692ddb28367457586fdace8ff27b11d88
- SHA512
  
  200d09616b4f4e31c1ec5f04c4c8e0a8541d4246d153b018cdbd7f273a246373b8e028c27a45ebfb887b26967fcd13816ff96842d812d7c8876d176bd875691b
Score

10^/10

xloader be4o loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2