xloader

General

Target

78fe3ed0e50009101124d757b0ff13967a5eda787ddad427276779c4d343ce2c
Size

418KB
Sample

220221-nj6lqshhh8
MD5

2a2278ac00e3b5729826f9f828a0b9ac
SHA1

d4d26ffd70753a9d81877a70477edfc13f2bfb18
SHA256

78fe3ed0e50009101124d757b0ff13967a5eda787ddad427276779c4d343ce2c
SHA512

2ddd27e3defb76d40ee887794a0683cd35af20828b0b7cbd82216b22dba18ac1a6456eb3f0942bf495259e0ba5b315126ea43886cc7b130b7bcbd54bf5bfc427

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

kio8

Decoy

greeaircondition.com

thewilmingtonguide.com

cbluedotlivewdmall.com

globalcrime24.com

heightsplace.com

ghar.pro

asosbira.com

melolandia.com

velactun.com

erniesimms.com

nutbullet.com

drizzerstr.com

hnqym888.com

ghorowaseba.com

1317efoxchasedrive.info

stjudetroop623.com

facestaj.com

airpromaskaccessories.com

wolfetailors.com

56ohdc2016.com

Targets

- Target
  
  Materials.exe
- Size
  
  357KB
- MD5
  
  8bd9a34cf06fa228b4ccd401808723cc
- SHA1
  
  e17daeaf2e0dcfdbaf026866c00fefb0beb47520
- SHA256
  
  38f3aadc65df16aed9f5bbaa5f42598d3fd9b29811429fcddd679a40b092fca0
- SHA512
  
  3d3ac1d0d90125fba07ca8a6fe0bb75a95b47b1caf177854b9e476aede2cefe396c68bb68c7dde0e32b22a740708aa3f23dd3726f3789504b83fd0b195c0479e
Score

10^/10

xloader kio8 loader rat
- Suspicious use of NtCreateProcessExOtherParentProcess
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

2

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Suspicious use of NtCreateProcessExOtherParentProcess

Xloader Payload

Deletes itself

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2