xloader

General

Target

w2kNHCaUa9VsYrD.exe
Size

733KB
Sample

220306-c6yzmahgh7
MD5

e3271922cc8211a9ab17210ecd9f7c32
SHA1

fa7bd66048b4a644aca45efc2e406334cd43e71f
SHA256

542043a4750cb567691edcc7ec0e132a5f1627f037d94c1d39231e6453455da4
SHA512

3c753e2fa0878e9975126f49c15b8114d5f3c18f53062de81346767aec2bddfd4eefa8866cee4818e5fadb18f446af606c40d10cf21417ee477dfc246a4411ec

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

b8eu

Decoy

coeusconsultancy.com

allutravel.com

frustratedsportsfan.com

notch.host

cvkur.com

dunamisathletics.com

citycourtlafayetteclass.com

tastingpay.com

beriteautoglass.com

mexicanaenergy.com

karaokepkllkb.xyz

equiposymaquinasparamineria.com

fsmgayrimenkulbursa.com

femmequidanseaveclalune.com

frfrjrbfkfncifnsnqwnxbcb.com

jmwxhsbktiyq7.xyz

nevirame.com

wppaulwriter.com

anandiaper.xyz

krasamart.com

Targets

- Target
  
  w2kNHCaUa9VsYrD.exe
- Size
  
  733KB
- MD5
  
  e3271922cc8211a9ab17210ecd9f7c32
- SHA1
  
  fa7bd66048b4a644aca45efc2e406334cd43e71f
- SHA256
  
  542043a4750cb567691edcc7ec0e132a5f1627f037d94c1d39231e6453455da4
- SHA512
  
  3c753e2fa0878e9975126f49c15b8114d5f3c18f53062de81346767aec2bddfd4eefa8866cee4818e5fadb18f446af606c40d10cf21417ee477dfc246a4411ec
Score

10^/10

xloader b8eu loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2