xloader

General

Target

33ea116c4bec4e2b3e6983fdc24ec7c7
Size

36KB
Sample

220531-rfh8tabde7
MD5

33ea116c4bec4e2b3e6983fdc24ec7c7
SHA1

aa4e6a0b6abdbee8a690c73726b013350010f6c8
SHA256

aaf9711abf1917c4e3eb650c32e71de2dc8f4c0999ffe193801e4acf6cf52815
SHA512

8214b7918439c4fa26da5e969846090365b37c8269bd892b0d36647bd37dec923ddf7549104c56ce1f59391cca239476cf570733ffe2ce68c16ea7676d0aad06

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

vweq

Decoy

malang-media.com

mrsfence.com

lubetops.com

aitimedia.net

montecryptocapital.com

ahwmedia.com

bvmnc.site

bggearstore.com

bcsantacoloma.online

alltimephotography.com

santacruz-roofings.com

leaplifestyleenterprises.com

censovet.com

similkameenfarms.com

undisclosed.email

thetrinityco.com

rapiturs.com

jedlersdorf.info

mh7jk12e.xyz

flygurlblogwordpress.com

Targets

- Target
  
  33ea116c4bec4e2b3e6983fdc24ec7c7
- Size
  
  36KB
- MD5
  
  33ea116c4bec4e2b3e6983fdc24ec7c7
- SHA1
  
  aa4e6a0b6abdbee8a690c73726b013350010f6c8
- SHA256
  
  aaf9711abf1917c4e3eb650c32e71de2dc8f4c0999ffe193801e4acf6cf52815
- SHA512
  
  8214b7918439c4fa26da5e969846090365b37c8269bd892b0d36647bd37dec923ddf7549104c56ce1f59391cca239476cf570733ffe2ce68c16ea7676d0aad06
Score

10^/10

xloader vweq loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Drops startup file

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2