xloader

General

Target

SecuriteInfo.com.Trojan.Siggen18.2489.13624.5346
Size

433KB
Sample

220608-c1ad3saca4
MD5

6bffccc463faefa01c1b2df41b424dfb
SHA1

b2ac827ab0523afb71b03678d68882ef460dc9c6
SHA256

cbf5d0bff8f20df08fe13d8aa9c48b33f29bb420596062746a54d4cf46b57b10
SHA512

6a1d313342ca4a7fc1c7ffd8c4fc0331388141125535fb0ada059054a1a4a959a31552b09ff1d86989fe30ee30075b437b2781eb786ddf335715fa90469581d6

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

a8hq

Decoy

veteransductcleaning.com

beajtjunkies.com

houseofascofi.com

scottsdalemediator.com

atelyadesign.com

profitcase.pro

imtokenio.club

qinglingpai.com

bigsmile-meal.net

daytonlivestream.com

aspiradores10.online

ytybs120.com

hdatelier.com

bearpierce.com

yeson28ca.com

booklearner.com

m8j9.club

mmophamthinhlegend.space

hq4a7o6zb.com

sophiadaki.online

Targets

- Target
  
  SecuriteInfo.com.Trojan.Siggen18.2489.13624.5346
- Size
  
  433KB
- MD5
  
  6bffccc463faefa01c1b2df41b424dfb
- SHA1
  
  b2ac827ab0523afb71b03678d68882ef460dc9c6
- SHA256
  
  cbf5d0bff8f20df08fe13d8aa9c48b33f29bb420596062746a54d4cf46b57b10
- SHA512
  
  6a1d313342ca4a7fc1c7ffd8c4fc0331388141125535fb0ada059054a1a4a959a31552b09ff1d86989fe30ee30075b437b2781eb786ddf335715fa90469581d6
Score

10^/10

xloader a8hq loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2