xloader

General

Target

BLLLLAADDEE.exe
Size

35KB
Sample

220404-q4pj3aahbq
MD5

0a8d67dc73dadb3aafaa35ba4c522a99
SHA1

80ef67fc098bd298cf4d286adaf1e59dbace8211
SHA256

ccc3111d1efd08344fdaa03990ed7029b09e1a5f014424760b6ae2eae5539829
SHA512

f768f28c5981a53f36b670dc356bed13c9311c81064f1b36b062731ca4f76a336a81b7f3d447b549198ab8b50bf401a7cc0876575261e3e66cee26f9c88d1b15

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

ssac

Decoy

beautybybrin.com

oregemo.com

prospectoriq.com

blazermid.com

cloudnineloans.com

myyntisofta.com

filoupoils.com

web-solutiontnpasumo3.xyz

becbares.com

lines-hikkoshi.com

ohayouwww.com

writingdadsobituarywithdad.com

bridalbaes.com

jamshir.com

rangertots.com

dankbrobeans.com

titan111.com

uplearns.info

maxicashprokil.xyz

evc24.com

Targets

- Target
  
  BLLLLAADDEE.exe
- Size
  
  35KB
- MD5
  
  0a8d67dc73dadb3aafaa35ba4c522a99
- SHA1
  
  80ef67fc098bd298cf4d286adaf1e59dbace8211
- SHA256
  
  ccc3111d1efd08344fdaa03990ed7029b09e1a5f014424760b6ae2eae5539829
- SHA512
  
  f768f28c5981a53f36b670dc356bed13c9311c81064f1b36b062731ca4f76a336a81b7f3d447b549198ab8b50bf401a7cc0876575261e3e66cee26f9c88d1b15
Score

10^/10

xloader ssac loader rat suricata
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2