xloader

General

Target

bank details .rar
Size

236KB
Sample

220128-tehl1ageb9
MD5

b5ca3ee0e5bf389d8b6d691cc358069f
SHA1

b285df8a0113dd22e8aa1b9d9fe436b1adab9b57
SHA256

f0f85684d4b99718ec9ede7de230aa5c58bbaad73d8bf3f03d3059fffe4627bd
SHA512

aae6434c3c43f720b84f3234f8d3fbde9848b29aa9190be5130a13267fa94fe5f201262e145ecb196f2da79942e7c7d36b5d1baf36af6569f3c75faf8ac54dd3

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

igwa

Decoy

listingswithalex.com

funtabse.com

aydenwalling.com

prochal.net

superfoodsnederland.com

moldluck.com

dianekgordon.store

regionalhomescommercial.com

mysecuritymadesimple.com

malwaremastery.com

kodaikeiko.com

jrzg996.com

agricurve.net

songlingjiu.com

virginianundahfishingclub.com

friendschance.com

pastelpresents.com

answertitles.com

survival-hunter.com

nxfddl.com

Targets

- Target
  
  bunker inquiry_mv setaii.exe
- Size
  
  248KB
- MD5
  
  242a7a023efff4ca0bc7abdd3171feb8
- SHA1
  
  c33c534361745d93a30f0e5a86c87e38fc170210
- SHA256
  
  39cc0c369b8ce6f0570864f4ac0019abed40383a582aae1a13c34e2de08a7168
- SHA512
  
  e6f0157ef9c92270e45ecab19ee34c7d85d5104e621234efb9f386d3bc1a5afcd0d14a67882d3937d01d565ddc0c782a43ccecb0f99c84246c51653c4a801521
Score

10^/10

xloader igwa loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Blocklisted process makes network request
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Blocklisted process makes network request

Deletes itself

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2