General

  • Target

    4944-133-0x0000000000400000-0x000000000042E000-memory.dmp

  • Size

    184KB

  • MD5

    5f2e82317513c1dd8767cae5f0334456

  • SHA1

    843ac938ddab331b221d99de6940c732d5b1bcf0

  • SHA256

    babb1f48b15e8b7d209f8b8862c881ca7572ff50d590b031cc6249834e099425

  • SHA512

    e928bd2e0270b1ce5d5ca53a5d563178be86d967316f1164326073547d683d24d02c9eec8e838ecc6c62c277638d1797fa6cf633115ca24e92e81e54b9a30706

  • SSDEEP

    3072:BMMTZoytvEW6xsBmWpq1snUI1w+RBpFSZVLlDYVedR8iyOuT+Ucxx:BMny9CsBc1svqoBpFSZlln5yOuTdcx

Score
10/10

Malware Config

  • Extracted

    Family: xloader
    Version: 2.6
    Campaign: tn61

  • Decoy


Signatures

  • Xloader Payload 1 IoCs
  • Xloader family

Files

  • 4944-133-0x0000000000400000-0x000000000042E000-memory.dmp
    .exe windows x86
