xloader

General

Target

f97edd735ccb4886c3b30bf6a1bcdaa1aec5f54ea5752c5d755c854af4c8a0f9
Size

819KB
Sample

220325-1wpj7schc8
MD5

aae86c751399a81769300e62ca74d44a
SHA1

7d70c984ac73ba36bfd0d0785f29be197f4df813
SHA256

f97edd735ccb4886c3b30bf6a1bcdaa1aec5f54ea5752c5d755c854af4c8a0f9
SHA512

0af4445a6e4c87298944b0510e234e0aee550a222cf95ca7ae27243e146b6d894b63102eb5156955a4aeb22344b798f5af2d6c5cc7621588ded5e0a4982045c0

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.2

Campaign

chg

Decoy

ceipsanisidorogiralda.com

mypinglabs.com

grupodicore.com

hondabuilt.com

prets-enligne.com

treatyourdryeyesinfousa.com

newsonedition.com

puppetsforhireband.com

404universal.com

bipoctravel.com

aspiritdigital.com

saib.group

eatonvancewateroakadvisors.com

momoglobalshop.com

reimagineeducationlab.com

looleep.com

facefactorgame.com

paramount-realms.com

saintinnovations.com

hospitaldeanimales.com

Targets

- Target
  
  f97edd735ccb4886c3b30bf6a1bcdaa1aec5f54ea5752c5d755c854af4c8a0f9
- Size
  
  819KB
- MD5
  
  aae86c751399a81769300e62ca74d44a
- SHA1
  
  7d70c984ac73ba36bfd0d0785f29be197f4df813
- SHA256
  
  f97edd735ccb4886c3b30bf6a1bcdaa1aec5f54ea5752c5d755c854af4c8a0f9
- SHA512
  
  0af4445a6e4c87298944b0510e234e0aee550a222cf95ca7ae27243e146b6d894b63102eb5156955a4aeb22344b798f5af2d6c5cc7621588ded5e0a4982045c0
Score

10^/10

xloader chg loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1

T1102

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Legitimate hosting services abused for malware hosting/C2

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2