xloader | c1bd0f2f3ac96d89502bb30e5397b77fd0801c400b6afe989d0b5d356b1926d0 | Triage

Sharing

General

Target

c1bd0f2f3ac96d89502bb30e5397b77fd0801c400b6afe989d0b5d356b1926d0
Size

303KB
Sample

220316-lccnzaaagk
MD5

56f2db36ab627f09c22008f06ce17974
SHA1

72eea805c0d1f4eaa68de67b73e3479bfc54e4a1
SHA256

c1bd0f2f3ac96d89502bb30e5397b77fd0801c400b6afe989d0b5d356b1926d0
SHA512

8a4dba7f5d5f9901e4dd1cd6cd2b23c985838d882e093611e8309176747b809cef364b18c82f260119d4c82e8c55accdf5293753cb43ed99fb238f9da0ad2e52

Score

10^/10

xloader ahc8 loader rat suricata

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

ahc8

Decoy

192451.com

wwwripostes.net

sirikhalsalaw.com

bitterbaybay.com

stella-scrubs.com

almanecermezcal.com

goodgood.online

translate-now.online

sincerefilm.com

quadrantforensics.com

johnfrenchart.com

plick-click.com

alnileen.com

tghi.xyz

172711.com

maymakita.com

punnyaseva.com

ukash-online.com

sho-yururi-blog.com

hebergement-solidaire.com

Targets

- Target
  
  c1bd0f2f3ac96d89502bb30e5397b77fd0801c400b6afe989d0b5d356b1926d0
- Size
  
  303KB
- MD5
  
  56f2db36ab627f09c22008f06ce17974
- SHA1
  
  72eea805c0d1f4eaa68de67b73e3479bfc54e4a1
- SHA256
  
  c1bd0f2f3ac96d89502bb30e5397b77fd0801c400b6afe989d0b5d356b1926d0
- SHA512
  
  8a4dba7f5d5f9901e4dd1cd6cd2b23c985838d882e093611e8309176747b809cef364b18c82f260119d4c82e8c55accdf5293753cb43ed99fb238f9da0ad2e52
Score

10^/10

xloader ahc8 loader rat suricata
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Xloader Payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

xloaderahc8loaderratsuricata