xloader

General

Target

SecuriteInfo.com.W32.AIDetectNet.01.4418.16533
Size

453KB
Sample

220613-gcvsbsabe7
MD5

38582ab77e044f76e4f802fd56a0273f
SHA1

cfc9d39c4a5e5d61d15a4eab30f2d32ec1545728
SHA256

dcfa4dfcc90ae3c90deb36709bdaed5a1d49a174139bf814cd758ed8b6859c1a
SHA512

8bb21e3d17771127b21a9cdf1e433f460cd1d9d14029c59e318b429ee8da390716c034cf5ecc1410c895ac5e8159a8be7fd9f51e95e8582a060be4f02e19da1a

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

be3s

Decoy

aoxaswa.info

souplab-graphic.com

churchontheisland.com

spclassic-cars.com

stanford-edu.club

heydowm.online

chattanooga-electricians.com

sectsk.com

cxg98.com

buildafricaonline.net

buydogcoin.com

vsst247.com

lodgelastrancas.com

ainonaho.com

griousndwarehsftyfs.xyz

voltagestabilizersupply.com

xn--79q565dzfex9hg81b.com

isrvr-ccrforum.info

chitiandi.com

criticaldisco.com

Targets

- Target
  
  SecuriteInfo.com.W32.AIDetectNet.01.4418.16533
- Size
  
  453KB
- MD5
  
  38582ab77e044f76e4f802fd56a0273f
- SHA1
  
  cfc9d39c4a5e5d61d15a4eab30f2d32ec1545728
- SHA256
  
  dcfa4dfcc90ae3c90deb36709bdaed5a1d49a174139bf814cd758ed8b6859c1a
- SHA512
  
  8bb21e3d17771127b21a9cdf1e433f460cd1d9d14029c59e318b429ee8da390716c034cf5ecc1410c895ac5e8159a8be7fd9f51e95e8582a060be4f02e19da1a
Score

10^/10

xloader be3s loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2