xloader

General

Target

SecuriteInfo.com.Variant.MSILHeracles.37963.6224.26571
Size

564KB
Sample

220511-wlawvaehc8
MD5

79c46056fb002fcd31fba21bae0d9221
SHA1

56280d53bd4c977debbc0e36ff0b7a3f3b3e3786
SHA256

37708373f6b4deb76e61c7a9c65200bba9f9d7ca7ebcd82d09242dd9231fa072
SHA512

75a264463a0d90e10b9c930474d6ab10a3cbc143a4eed82bc5d51f29cb72a27b7743bfb169194e952df8666490eafa8bfbc78637995f4bf7bcd47fac59a80796

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

snjq

Decoy

codezonesoftware.xyz

traexcel.com

smalltowncontractors.com

classicalequestrianacademy.com

jlvip1066.com

ovacup.online

foodcravings2312.com

dbelnlogoro.quest

valeriebeijing.com

steri-spiral.com

envisionpoolsnd.biz

adclw.net

smartaf5.xyz

tech4ad.com

trimilos.info

blockplace.club

gunpowderz.com

nayrajewels.com

fapcxi.xyz

mentication.com

Targets

- Target
  
  SecuriteInfo.com.Variant.MSILHeracles.37963.6224.26571
- Size
  
  564KB
- MD5
  
  79c46056fb002fcd31fba21bae0d9221
- SHA1
  
  56280d53bd4c977debbc0e36ff0b7a3f3b3e3786
- SHA256
  
  37708373f6b4deb76e61c7a9c65200bba9f9d7ca7ebcd82d09242dd9231fa072
- SHA512
  
  75a264463a0d90e10b9c930474d6ab10a3cbc143a4eed82bc5d51f29cb72a27b7743bfb169194e952df8666490eafa8bfbc78637995f4bf7bcd47fac59a80796
Score

10^/10

xloader snjq loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2