xloader

General

Target

918d148a95ceffbf6cf619106cbbc49f
Size

456KB
Sample

220216-lfd17sbed5
MD5

918d148a95ceffbf6cf619106cbbc49f
SHA1

32075f31064cbd71e820f9c5a9b1c41e357b17ea
SHA256

826837df6dde8385f31f1a25df7ebdf946b9519af3142bfb87d4b9196f3822f1
SHA512

25d415e45b326d5db660326124fdc189fb1d17198159197ad2ab953bed979116fd743f49d122a7ef70c9735fdef3dc89893ddebe10b950dc88152d75578f2fb7

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

ahc8

Decoy

192451.com

wwwripostes.net

sirikhalsalaw.com

bitterbaybay.com

stella-scrubs.com

almanecermezcal.com

goodgood.online

translate-now.online

sincerefilm.com

quadrantforensics.com

johnfrenchart.com

plick-click.com

alnileen.com

tghi.xyz

172711.com

maymakita.com

punnyaseva.com

ukash-online.com

sho-yururi-blog.com

hebergement-solidaire.com

Targets

- Target
  
  918d148a95ceffbf6cf619106cbbc49f
- Size
  
  456KB
- MD5
  
  918d148a95ceffbf6cf619106cbbc49f
- SHA1
  
  32075f31064cbd71e820f9c5a9b1c41e357b17ea
- SHA256
  
  826837df6dde8385f31f1a25df7ebdf946b9519af3142bfb87d4b9196f3822f1
- SHA512
  
  25d415e45b326d5db660326124fdc189fb1d17198159197ad2ab953bed979116fd743f49d122a7ef70c9735fdef3dc89893ddebe10b950dc88152d75578f2fb7
Score

10^/10

xloader ahc8 loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Blocklisted process makes network request

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2