General

  • Target

    SecuriteInfo.com.W32.AIDetectNet.01.17459.2026

  • Size

    762KB

  • Sample

    220602-d2gp8adaa2

  • MD5

    9ff3dfbce0e1b746772ae35dfa21e50d

  • SHA1

    dc785bcab9218eee918ecdb7ee84be0ff4e1acf9

  • SHA256

    b053714ce58eb3396c7b51a3b5c0dea99c92e71b3da65e4de1ea640f6ad4d82d

  • SHA512

    447de05f128e840352f7c3b4545356576cdbc335775c2af233c07c94833ac816438c4d5e454c68f1ea13329fefce71a311a04d773a8fc658e7def2fbadb39f7f

Score
10/10

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

a8hq

Decoy

Targets

    • Target

      SecuriteInfo.com.W32.AIDetectNet.01.17459.2026

    • Xloader

      Xloader is a rebranded version of Formbook malware.

    • Xloader Payload

    • Suspicious use of SetThreadContext
