xloader

General

Target

0018389938.exe
Size

971KB
Sample

220506-e2qtkabhfp
MD5

3f732abe929e5441ece5c7e01b1f2b86
SHA1

f738d5bbba0c0589fed01612263aa439e828ea37
SHA256

8cc79dccb652d3798039383ca1068e18e68f129e43cc278797b5bb45645c98ce
SHA512

33e0d108f8d6504f98f489be9338b3b440be7bde80e6b9ea4d0683b9745a5658a0b27bc74c9acd7e74b13ee98859510556ee2a88eb6d7c2ac3a218ae6e513971

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

mjup

Decoy

cyqcc.com

mynext.guru

clickbuzz.tech

testingsitewp.store

starblast.space

xn--cocola-6wa.com

kathicrafts.com

tiktokshop.cloud

akasa42.com

therosedalefw.com

fabuluxepicnicsatl.com

dtoyer.com

trungtambtx.com

uploaded.space

newgradient.com

micron365.com

driving-ukrainka.com

feretsfreshcutsproduce.com

1781tudor301.info

mecca-services.com

Targets

- Target
  
  0018389938.exe
- Size
  
  971KB
- MD5
  
  3f732abe929e5441ece5c7e01b1f2b86
- SHA1
  
  f738d5bbba0c0589fed01612263aa439e828ea37
- SHA256
  
  8cc79dccb652d3798039383ca1068e18e68f129e43cc278797b5bb45645c98ce
- SHA512
  
  33e0d108f8d6504f98f489be9338b3b440be7bde80e6b9ea4d0683b9745a5658a0b27bc74c9acd7e74b13ee98859510556ee2a88eb6d7c2ac3a218ae6e513971
Score

10^/10

xloader mjup loader rat suricata
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Xloader Payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Xloader Payload

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2