xloader

General

Target

dAkPKAwtoDLxTrD.exe
Size

836KB
Sample

220308-q9tqzaaddr
MD5

70546f38493221036fa4704f272ca6da
SHA1

33994e6316abe2f24c448d916fb53c5468d0f76e
SHA256

d0fd68de07eaddfd233b49bad8c222121ee284d8f783900d22e074accbcf7c2e
SHA512

a1cd4799dcd8e7b9cc56df71388faf0749e69a832e0b2ceb16f1956659ac1d24d8f1906e34b9ee2f94f686a43e80556014bb9f01a5ba5160224a40e30e30efbe

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

b8eu

Decoy

coeusconsultancy.com

allutravel.com

frustratedsportsfan.com

notch.host

cvkur.com

dunamisathletics.com

citycourtlafayetteclass.com

tastingpay.com

beriteautoglass.com

mexicanaenergy.com

karaokepkllkb.xyz

equiposymaquinasparamineria.com

fsmgayrimenkulbursa.com

femmequidanseaveclalune.com

frfrjrbfkfncifnsnqwnxbcb.com

jmwxhsbktiyq7.xyz

nevirame.com

wppaulwriter.com

anandiaper.xyz

krasamart.com

Targets

- Target
  
  dAkPKAwtoDLxTrD.exe
- Size
  
  836KB
- MD5
  
  70546f38493221036fa4704f272ca6da
- SHA1
  
  33994e6316abe2f24c448d916fb53c5468d0f76e
- SHA256
  
  d0fd68de07eaddfd233b49bad8c222121ee284d8f783900d22e074accbcf7c2e
- SHA512
  
  a1cd4799dcd8e7b9cc56df71388faf0749e69a832e0b2ceb16f1956659ac1d24d8f1906e34b9ee2f94f686a43e80556014bb9f01a5ba5160224a40e30e30efbe
Score

10^/10

xloader b8eu loader rat suricata
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2