xloader

General

Target

Order Acknowledgement Proforma Invoice.iso
Size

314KB
Sample

220126-zfx1zaaec9
MD5

fd0843115bd18529dc79417f3767395c
SHA1

0925553cf27028d8ffcb46345300d1e61b729bfc
SHA256

b7c8f621be2fb1a47c6ab6fc4d7700ce43670c8a66e222eb142a9677bf203feb
SHA512

a307c0df05a1cbe64458f8420cc43ebffeb73cf2fcfb8157bf32a7f393bcd17dc425bfe016f249ad8f0a1297fad93556e08e545eb34860c12d8df18924a4c651

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

pout

Decoy

leadergaterealty.com

k7bsz.info

laidjapp1.com

eastcountytaxi.com

betterlife-uae.com

materaiku.com

chanhxebinhthuan-hcm.online

06gjm.xyz

67t.xyz

here-we-meet.com

screened-articletoseetoday.info

lucykg.club

mujdobron.quest

susakhi.com

funtabse.com

unlimitedpain.com

2ed58fwec.xyz

weighttrainingexpert.com

allisonsheillax.com

yektaburgers.com

Targets

- Target
  
  Order Acknowledgement Proforma Invoice/Order Acknowledgement Proforma Invoice.pif
- Size
  
  248KB
- MD5
  
  b63c97ae6a48a3f189bd7a2848e45e74
- SHA1
  
  572e93c4c8b677551f69dd478172177a02081d1e
- SHA256
  
  ad719f3688ed1aa967f2509132b97ea96215a5bb3adf92a935e905ea0f6ce809
- SHA512
  
  9870bb039ceee8466b9cc8663d63b9eb1882ab6ff26bf186dd7e902942a5cdbcded4abc9a1f64c8d6006d9444bbab26fc141e8337d874622bdca53d17bc4c10b
Score

10^/10

xloader pout loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Deletes itself

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2