xloader

General

Target

46334e65f2fb3a02f0d9c0ab9dc71c0ad5041a3ffa9537b0fd11e71ee7e758c2
Size

414KB
Sample

220221-2n3brsbcf5
MD5

77d92c9439668a4500e33dd62145917b
SHA1

d7dacbc37b10afe965e154aec7e7041d1e11f07e
SHA256

46334e65f2fb3a02f0d9c0ab9dc71c0ad5041a3ffa9537b0fd11e71ee7e758c2
SHA512

d73078b637c44ebda7742cf11dd673b00c3371a809c5ed8687a9e8d7c6765da53bbb70e94f3f26e732939d0d783e29184f723bf20d9023411a71e920e5525847

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

kio8

Decoy

greeaircondition.com

thewilmingtonguide.com

cbluedotlivewdmall.com

globalcrime24.com

heightsplace.com

ghar.pro

asosbira.com

melolandia.com

velactun.com

erniesimms.com

nutbullet.com

drizzerstr.com

hnqym888.com

ghorowaseba.com

1317efoxchasedrive.info

stjudetroop623.com

facestaj.com

airpromaskaccessories.com

wolfetailors.com

56ohdc2016.com

Targets

- Target
  
  List of Materials.exe
- Size
  
  353KB
- MD5
  
  7f3db622dd004c86955c78e05aadedaa
- SHA1
  
  60d1621e414e078598c851c95a2cc22b41bbc40c
- SHA256
  
  e2d83de235b73fa4366db562daf7a16884eb632bc00ac8d12d371bdc7a2d1c2f
- SHA512
  
  12a0c8d7037f96bee437502526426a46ddb7476d594024cc59102019220cc95e6300b63413808e436fac0045eeab372022d14fd9222142484b8371a612de6015
Score

10^/10

xloader kio8 loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2