xloader

General

Target

e4c892aef5cc8a224af323c3ad222a50
Size

816KB
Sample

220125-mjt29secc2
MD5

e4c892aef5cc8a224af323c3ad222a50
SHA1

e531fdbeee32fd4250f3d582b06aa03afc01a17e
SHA256

6e728d7a2e88ba45765fb4bbb1de4ddda1b3a402d5f31c04eddafe1962ab993c
SHA512

24c645cc4ea4b9ce77d0dcf2ccd3f353f15ab383ef9cfbb11796efe0cf9a80fbb0d364b98df0e459136a1f15d28a3d4ca0be1c8157eda491609655ee965daffc

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

dpzz

Decoy

roadstown.com

idfaltd.com

infotechsearchgroup.com

elcuentodelaprincesa.com

youkutiyu88.com

wildparkresort.com

iss-sa.com

jmglaser.com

criticalthinking.store

cabinetsossa.com

satseconomy.com

newendtech.com

gran-piel.com

accoya.net

timothyschmallrealt.com

valentikaeventos.com

majestineprojector.com

love-austria.com

hermetikyogusmalikombi.com

karasevda-jor.com

Targets

- Target
  
  e4c892aef5cc8a224af323c3ad222a50
- Size
  
  816KB
- MD5
  
  e4c892aef5cc8a224af323c3ad222a50
- SHA1
  
  e531fdbeee32fd4250f3d582b06aa03afc01a17e
- SHA256
  
  6e728d7a2e88ba45765fb4bbb1de4ddda1b3a402d5f31c04eddafe1962ab993c
- SHA512
  
  24c645cc4ea4b9ce77d0dcf2ccd3f353f15ab383ef9cfbb11796efe0cf9a80fbb0d364b98df0e459136a1f15d28a3d4ca0be1c8157eda491609655ee965daffc
Score

10^/10

xloader dpzz loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2