xloader

General

Target

9dea40f95d7f9fc69ecc3f3d77f9a6bf
Size

479KB
Sample

220131-qlnj2shbhl
MD5

9dea40f95d7f9fc69ecc3f3d77f9a6bf
SHA1

45d0c8f4b20032188e365005e6e934e570786a30
SHA256

bfb63f78c88894c097832d1073716db0d322456da3a2bccc15e57eac15fa903d
SHA512

36f446ae7989c5f9ae2668695399312fc66fd530a6f5639c6cfaffae6f15ed2e9fe80566fb1f7df34637e35dec647e04631cf5512de4109a99043ebe15ae876b

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

p86f

Decoy

lawrencetodolist.com

ci-ohio.com

otpravka-pochti-23v.xyz

evolutiondesign.academy

anentdugloord.com

niftyresult.com

partner2form.com

hffznt.com

asukas.online

heidefine.xyz

secure-c5.com

greenlink-engineering.com

dextraseo.online

apricitee.com

kenyansinus.com

dailangxiaozhan.com

deuxfemmes.store

overway.store

herostea.com

shaneparrottllc.com

Targets

- Target
  
  9dea40f95d7f9fc69ecc3f3d77f9a6bf
- Size
  
  479KB
- MD5
  
  9dea40f95d7f9fc69ecc3f3d77f9a6bf
- SHA1
  
  45d0c8f4b20032188e365005e6e934e570786a30
- SHA256
  
  bfb63f78c88894c097832d1073716db0d322456da3a2bccc15e57eac15fa903d
- SHA512
  
  36f446ae7989c5f9ae2668695399312fc66fd530a6f5639c6cfaffae6f15ed2e9fe80566fb1f7df34637e35dec647e04631cf5512de4109a99043ebe15ae876b
Score

10^/10

xloader p86f loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2