xloader

General

Target

LPS108326.exe
Size

918KB
Sample

220310-cngbvscgf8
MD5

d0885301c99cea1b4ce3ca1d92ce07d5
SHA1

d9d06cefe0cdc185cc354eefb34f353fac42b697
SHA256

51985a3bb448c49846c0560a6d577ab1f2e6dcb4c44d8f5c68d09c371a0bc485
SHA512

4050819187bf3aad41a720ea40719b4ad4dfec4403c043058baadccae600554e69551291adfbfd28bacd245d6f2d340676c46c16f8153c85cb919f61e5600bd6

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

ahc8

Decoy

192451.com

wwwripostes.net

sirikhalsalaw.com

bitterbaybay.com

stella-scrubs.com

almanecermezcal.com

goodgood.online

translate-now.online

sincerefilm.com

quadrantforensics.com

johnfrenchart.com

plick-click.com

alnileen.com

tghi.xyz

172711.com

maymakita.com

punnyaseva.com

ukash-online.com

sho-yururi-blog.com

hebergement-solidaire.com

Targets

- Target
  
  LPS108326.exe
- Size
  
  918KB
- MD5
  
  d0885301c99cea1b4ce3ca1d92ce07d5
- SHA1
  
  d9d06cefe0cdc185cc354eefb34f353fac42b697
- SHA256
  
  51985a3bb448c49846c0560a6d577ab1f2e6dcb4c44d8f5c68d09c371a0bc485
- SHA512
  
  4050819187bf3aad41a720ea40719b4ad4dfec4403c043058baadccae600554e69551291adfbfd28bacd245d6f2d340676c46c16f8153c85cb919f61e5600bd6
Score

10^/10

xloader ahc8 loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2