xloader

General

Target

0be9cac773f0178e65a264a182daa92fd87e6dd3b5cc4e668ff07be97a6cb0fd
Size

711KB
Sample

220319-wmypasfdb9
MD5

96504d73a4bf275b2f47b0a1717d64bc
SHA1

9eafbae37517ac17f9a37240d0f8b999a488f23e
SHA256

0be9cac773f0178e65a264a182daa92fd87e6dd3b5cc4e668ff07be97a6cb0fd
SHA512

00d1362224f85d18ff3f80ec177e04f8d1d23482deeea4d1d94a72de76253a3999f63cb344d5cf5c7c91839ead44c543e8537d1aa23e120674c932a62726c307

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.2

Campaign

chg

Decoy

ceipsanisidorogiralda.com

mypinglabs.com

grupodicore.com

hondabuilt.com

prets-enligne.com

treatyourdryeyesinfousa.com

newsonedition.com

puppetsforhireband.com

404universal.com

bipoctravel.com

aspiritdigital.com

saib.group

eatonvancewateroakadvisors.com

momoglobalshop.com

reimagineeducationlab.com

looleep.com

facefactorgame.com

paramount-realms.com

saintinnovations.com

hospitaldeanimales.com

Targets

- Target
  
  0be9cac773f0178e65a264a182daa92fd87e6dd3b5cc4e668ff07be97a6cb0fd
- Size
  
  711KB
- MD5
  
  96504d73a4bf275b2f47b0a1717d64bc
- SHA1
  
  9eafbae37517ac17f9a37240d0f8b999a488f23e
- SHA256
  
  0be9cac773f0178e65a264a182daa92fd87e6dd3b5cc4e668ff07be97a6cb0fd
- SHA512
  
  00d1362224f85d18ff3f80ec177e04f8d1d23482deeea4d1d94a72de76253a3999f63cb344d5cf5c7c91839ead44c543e8537d1aa23e120674c932a62726c307
Score

10^/10

xloader chg loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1

T1102

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Legitimate hosting services abused for malware hosting/C2

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2