General

  • Target

    7571fc968cca64f640978a346a67401f

  • Size

    852KB

  • Sample

    220616-h8dpcsggal

  • MD5

    7571fc968cca64f640978a346a67401f

  • SHA1

    4447ee88c195f1c92b593e1e03f94b3ca2927d7f

  • SHA256

    f373dca0591ab9127485c7c3176eb2d5b639b5281837486589884ce8f24d9dde

  • SHA512

    377afe4ca4ba7c1aad64298783a80c99a1a501d9161d6383c347399831d2f8276230c283355bf25bcae0b157e2760732a575e0f512c06296b12d6297be7a6197

Score
10/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

itq4

Decoy


Targets

    • Xloader

      Xloader is a rebranded version of Formbook malware.

    • Xloader Payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks