General

  • Target

    SecuriteInfo.com.W32.AIDetectNet.01.20185.1863

  • Size

    801KB

  • Sample

    220616-hel4mshhh7

  • MD5

    c8ecc86083020dcfed2e4f65f916d67a

  • SHA1

    adeb357ac1b9877d404332311d02d3b8fc51d533

  • SHA256

    2a3bded9d270f030b66c32162dd26d98da2225cc0a4ec35503e3c4fa5314e486

  • SHA512

    bfc71d1fc18568a3a75dbb52cd53f90d9b7fe33a15218f591052fafc72251bfb5db071dcf51c7cc61ce73f95e02403496db690a66b11afef381bdd569bd1c9a6

  • Score

    10/10

Malware Config

Extracted

  • Family

    xloader

  • Version

    2.6

  • Campaign

    gwsr

  • Decoy

    colagiovanniginecologa.com
    amanda-aiello.com
    7859000.com
    getklim.com
    amplequeen.com
    presencelarning.com
    scuralliphotography.com
    xhbafw.com
    mxhdkt.com
    belmarmassage.com
    kaunahijab.com
    xcxcxcc.icu
    womamwhims.com
    fixuplooksharp.xyz
    ijtshopingit.website
    inveztcorp.com
    zjgdaikin.com
    yasvip-ud5.xyz
    adsocius.net
    wabo229.xyz

Targets

    • Target

      SecuriteInfo.com.W32.AIDetectNet.01.20185.1863

    • Size

      801KB

    • MD5

      c8ecc86083020dcfed2e4f65f916d67a

    • SHA1

      adeb357ac1b9877d404332311d02d3b8fc51d533

    • SHA256

      2a3bded9d270f030b66c32162dd26d98da2225cc0a4ec35503e3c4fa5314e486

    • SHA512

      bfc71d1fc18568a3a75dbb52cd53f90d9b7fe33a15218f591052fafc72251bfb5db071dcf51c7cc61ce73f95e02403496db690a66b11afef381bdd569bd1c9a6

    • Score

      10/10

    • Xloader

      Xloader is a rebranded version of Formbook malware.

    • Xloader Payload

    • Suspicious use of SetThreadContext
