xloader

General

Target

2a65dce1dcd3f231220e06847a523596.exe
Size

1.1MB
Sample

220329-jjnzgaggeq
MD5

2a65dce1dcd3f231220e06847a523596
SHA1

fac6b1dafa81038397699ac36baab5ea94a8ff30
SHA256

ba347c1008ade9d22ce86ffc99ad1b8d8bb3fe4d392d911e8c4c2f2a11c98f13
SHA512

ac5d220cdd2b035462cb287051480ed0d8c59650dd8f8f7a5e4e5a21b0826b31d2a1fd050834728501384c5e37485b1925f0e315ba437f67263c7a7f730dbb21

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

ahc8

Decoy

192451.com

wwwripostes.net

sirikhalsalaw.com

bitterbaybay.com

stella-scrubs.com

almanecermezcal.com

goodgood.online

translate-now.online

sincerefilm.com

quadrantforensics.com

johnfrenchart.com

plick-click.com

alnileen.com

tghi.xyz

172711.com

maymakita.com

punnyaseva.com

ukash-online.com

sho-yururi-blog.com

hebergement-solidaire.com

Targets

- Target
  
  2a65dce1dcd3f231220e06847a523596.exe
- Size
  
  1.1MB
- MD5
  
  2a65dce1dcd3f231220e06847a523596
- SHA1
  
  fac6b1dafa81038397699ac36baab5ea94a8ff30
- SHA256
  
  ba347c1008ade9d22ce86ffc99ad1b8d8bb3fe4d392d911e8c4c2f2a11c98f13
- SHA512
  
  ac5d220cdd2b035462cb287051480ed0d8c59650dd8f8f7a5e4e5a21b0826b31d2a1fd050834728501384c5e37485b1925f0e315ba437f67263c7a7f730dbb21
Score

10^/10

xloader ahc8 loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2