xloader

General

Target

tmp
Size

257KB
Sample

220514-r648zacfgm
MD5

de76ef6a11a63efc00b0303888bc0b7f
SHA1

7ab24456a49f6b61bc54d20a4d9c0b84f3ae696b
SHA256

fc6ebe8bc215a292bb3df340a84350ceb2be7187efc8e10381235cfa8d82f734
SHA512

51a5cf0f640d922ec0d8bf5ba3fcc06b6278e3ac45f07190710c5055a23102a614443641d8b6617775d5a786ccb1e9d10404dfa0e146e6c8ec3481c616214d99

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

nc39

Decoy

bohicaapparel.com

chilliesofwoodstock.com

szcipa.com

nirmalaswagruhafoods.com

orbitas.online

bjvxx.com

atomvpn.site

thecanvacoach.com

thewhitelounge.com

trwebz.xyz

yiwanggkm.com

maggiceden-io.com

kimyanindelisi.online

xn--e02b19uo0j.com

kaola74.top

klcsales.net

renacerdevteam.com

talkmoor.com

seobusinesslistings.com

contractornurd.com

Targets

- Target
  
  tmp
- Size
  
  257KB
- MD5
  
  de76ef6a11a63efc00b0303888bc0b7f
- SHA1
  
  7ab24456a49f6b61bc54d20a4d9c0b84f3ae696b
- SHA256
  
  fc6ebe8bc215a292bb3df340a84350ceb2be7187efc8e10381235cfa8d82f734
- SHA512
  
  51a5cf0f640d922ec0d8bf5ba3fcc06b6278e3ac45f07190710c5055a23102a614443641d8b6617775d5a786ccb1e9d10404dfa0e146e6c8ec3481c616214d99
Score

10^/10

xloader nc39 loader rat suricata
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Xloader Payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Xloader Payload

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2