xloader

General

Target

vbc.exeiyravbmu
Size

1.5MB
Sample

220522-gh9tfabhcp
MD5

446b9bdfbfe21f14cb22ecec666ff7a8
SHA1

bee52647caae69d434aade7a64ad2ee4f50247de
SHA256

6666b32f52c7d860404d64bf37bdfbea7f7aa38cb0a12f326c515469551d991f
SHA512

beaaf39e78b1a7c2e2a54de03631d2df3d374cff09b9c68bd2c89e80f85e60c6223795e3e59a5d8f7871c41afa54be56994679db736d8ffc823f948b9feecfc2

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

arh2

Decoy

hstorc.com

blackountry.com

dhrbakery.com

dezhouofit.com

defipayout.xyz

ginas4t.com

byzbh63.xyz

qrcrashview.com

mialibaby.com

enhaut.net

samainnova.com

yashveerresort.com

delfos.online

dungcumay.com

lj-counseling.net

fliptheswitch.pro

padogbitelawyer.com

aticarev.com

sederino.site

bestplansforpets-japan3.life

Targets

- Target
  
  vbc.exeiyravbmu
- Size
  
  1.5MB
- MD5
  
  446b9bdfbfe21f14cb22ecec666ff7a8
- SHA1
  
  bee52647caae69d434aade7a64ad2ee4f50247de
- SHA256
  
  6666b32f52c7d860404d64bf37bdfbea7f7aa38cb0a12f326c515469551d991f
- SHA512
  
  beaaf39e78b1a7c2e2a54de03631d2df3d374cff09b9c68bd2c89e80f85e60c6223795e3e59a5d8f7871c41afa54be56994679db736d8ffc823f948b9feecfc2
Score

10^/10

xloader arh2 loader rat suricata
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Xloader Payload
  rat
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

1

T1064

Persistence

Privilege Escalation

Defense Evasion

Scripting

1

T1064

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Xloader Payload

Uses the VBS compiler for execution

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2