xloader

General

Target

4LuDvvr1mxjCkgH.exe
Size

377KB
Sample

220127-e58tjsfeel
MD5

dd0dc6631fb0bcd997747666c831733b
SHA1

e09287a9d03145ab6e8d28d393b113d423b5e9b0
SHA256

87bee99028bfdc6e8500d7c428e4260a51dc6f23e8e7f60eb3d6bb91c10d7ef6
SHA512

a4838fe47e55768b118d5c8ad117d6b8b23c67c334011c1dc6a30953c388ee553f029fefc6a19d86400f7c8c63f354978a45b4dd922d6f8ca7b2abf2948d6d66

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

n63s

Decoy

undaflow.com

weconnectfer.com

kmongpil.com

scavifovtuvm.mobi

nftcomic.store

ardon123.com

naclepin1a.online

royre.com

onlinefreetestseries.com

achkasov.team

akcweb.com

xn--watershedcaf-meb.com

mylindiss.com

beersmarket.com

dermaxhomecare.com

wordlinelanguages.com

goldngate.net

agnesdesigner.net

conciergeortho.info

harpo-solutions.com

Targets

- Target
  
  4LuDvvr1mxjCkgH.exe
- Size
  
  377KB
- MD5
  
  dd0dc6631fb0bcd997747666c831733b
- SHA1
  
  e09287a9d03145ab6e8d28d393b113d423b5e9b0
- SHA256
  
  87bee99028bfdc6e8500d7c428e4260a51dc6f23e8e7f60eb3d6bb91c10d7ef6
- SHA512
  
  a4838fe47e55768b118d5c8ad117d6b8b23c67c334011c1dc6a30953c388ee553f029fefc6a19d86400f7c8c63f354978a45b4dd922d6f8ca7b2abf2948d6d66
Score

10^/10

xloader n63s loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2