xloader

General

Target

21fc8f1e8a50cfbc74f250310b3c71e9
Size

379KB
Sample

220127-sa124seeck
MD5

21fc8f1e8a50cfbc74f250310b3c71e9
SHA1

e7cc0c94266d921bdfede53ad5aa8e1861851147
SHA256

f5e1a753c6adb55fcc3eb64d7252f7c43ea1d4d5c33a63a5fa4373b3ca323f8c
SHA512

31f878d6bb77d78e48beee80921d0da85c256ffa329dd9e63ebc8af34fedf38cd2091d2ede5ae63361036372ed82f07096bcb4092624962783c1b36b66ad89f7

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

dpzz

Decoy

roadstown.com

idfaltd.com

infotechsearchgroup.com

elcuentodelaprincesa.com

youkutiyu88.com

wildparkresort.com

iss-sa.com

jmglaser.com

criticalthinking.store

cabinetsossa.com

satseconomy.com

newendtech.com

gran-piel.com

accoya.net

timothyschmallrealt.com

valentikaeventos.com

majestineprojector.com

love-austria.com

hermetikyogusmalikombi.com

karasevda-jor.com

Targets

- Target
  
  21fc8f1e8a50cfbc74f250310b3c71e9
- Size
  
  379KB
- MD5
  
  21fc8f1e8a50cfbc74f250310b3c71e9
- SHA1
  
  e7cc0c94266d921bdfede53ad5aa8e1861851147
- SHA256
  
  f5e1a753c6adb55fcc3eb64d7252f7c43ea1d4d5c33a63a5fa4373b3ca323f8c
- SHA512
  
  31f878d6bb77d78e48beee80921d0da85c256ffa329dd9e63ebc8af34fedf38cd2091d2ede5ae63361036372ed82f07096bcb4092624962783c1b36b66ad89f7
Score

10^/10

xloader dpzz loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2