xloader

General

Target

Product Details of Mini IOT CASE 2022.exe
Size

441KB
Sample

220202-l1nfdahfdr
MD5

af16de750a628691e0147dc4d8bd354e
SHA1

ae32d77ed02b1c8f28528f372fc53e350acbf23a
SHA256

20142adbbec4e79cf460d90f427a580223ee0cab8e7946fb6e21133279949750
SHA512

007ffc4ab39aeb77c3f76752432cccdc466cdb9707a1059a663347b71e4bb7ada10582f2fcedc746b305319c89e3cb75e923195ec67fa27efef0ede758dcd877

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

s9ne

Decoy

digital-performance-award.com

fioratti.xyz

designluxre.com

cngangdun.com

restaurantperladelmare.com

davinci65.info

glossmans.com

firstsmileimaging.com

indevmobility.biz

mvptcodesupport.com

crustenc.net

raleighsportsacademy.com

boytoyporn.com

rojaspass.com

acmepaysage.fr

shopatdean.xyz

leonergsteve18870.com

elnahuel.com

ils.network

canto-libero.com

Targets

- Target
  
  Product Details of Mini IOT CASE 2022.exe
- Size
  
  441KB
- MD5
  
  af16de750a628691e0147dc4d8bd354e
- SHA1
  
  ae32d77ed02b1c8f28528f372fc53e350acbf23a
- SHA256
  
  20142adbbec4e79cf460d90f427a580223ee0cab8e7946fb6e21133279949750
- SHA512
  
  007ffc4ab39aeb77c3f76752432cccdc466cdb9707a1059a663347b71e4bb7ada10582f2fcedc746b305319c89e3cb75e923195ec67fa27efef0ede758dcd877
Score

10^/10

xloader s9ne loader rat suricata
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Xloader Payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Xloader Payload

Deletes itself

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2