xloader

General

Target

67c2e81f3bba790f087e4a778656450583fe5fb3fd4cd4252c886d170f506657
Size

844KB
Sample

220125-tysajsaghk
MD5

1f67e5da6fc0bd49e1d5340698230af5
SHA1

7730210d4940e56d6eb13c205371bc2a1a217f3a
SHA256

67c2e81f3bba790f087e4a778656450583fe5fb3fd4cd4252c886d170f506657
SHA512

f9519ecd134ad4f6434c261c882902fd821660b97a4761c5831273fd715c5a711d665fa267043dc84e473b09d11e37403c74f25e7ee77be9e33c64a52ad36b5a

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

s9ne

Decoy

digital-performance-award.com

fioratti.xyz

designluxre.com

cngangdun.com

restaurantperladelmare.com

davinci65.info

glossmans.com

firstsmileimaging.com

indevmobility.biz

mvptcodesupport.com

crustenc.net

raleighsportsacademy.com

boytoyporn.com

rojaspass.com

acmepaysage.fr

shopatdean.xyz

leonergsteve18870.com

elnahuel.com

ils.network

canto-libero.com

Targets

- Target
  
  67c2e81f3bba790f087e4a778656450583fe5fb3fd4cd4252c886d170f506657
- Size
  
  844KB
- MD5
  
  1f67e5da6fc0bd49e1d5340698230af5
- SHA1
  
  7730210d4940e56d6eb13c205371bc2a1a217f3a
- SHA256
  
  67c2e81f3bba790f087e4a778656450583fe5fb3fd4cd4252c886d170f506657
- SHA512
  
  f9519ecd134ad4f6434c261c882902fd821660b97a4761c5831273fd715c5a711d665fa267043dc84e473b09d11e37403c74f25e7ee77be9e33c64a52ad36b5a
Score

10^/10

xloader s9ne loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2