xloader

General

Target

0fa72e0e60187e79ab720cf120edab4f
Size

571KB
Sample

220623-yjne9sfaaq
MD5

0fa72e0e60187e79ab720cf120edab4f
SHA1

0bc9f1238c5560286a7a0273497bee2e19b73d81
SHA256

400cf8fe4f1f1d748f7e6696227fe25164aa51e2c731e5cc621d708d0015065b
SHA512

93e9424a6d2f1c62c19397b835ddb69d48fe448e549222ba49d631467053f92625ddcb2a51c85b3bf202077c8c80e933e38b7a7fcc839c79775180ba10d73f9d

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.8

Campaign

nekq

Decoy

/c9oNOPSc9aX85OuoqU=

OJ273U/T/c7no1jC

oPn68XFXJsCG6JOuoqU=

iAUbpb8k0vTRkUTK

pPasgiv9XQi4ESRJKCjRfGdj

J5jO/Yz6+M7no1jC

XdhiI9HBZsZlyKZ1jPx+JvxZEg==

uKpYHaMJ+OCnb0yGJ5d4Fg==

9/aD58LBdIIAdGJIaaiSTSuqn1/A

Q52txESw1ro3n3NlouzWgmgm06DFAvFR

nv0k5OdLOI8bBbwMrO7Lp059Fw==

NJ3N6nHo3qKAhDZJKCjRfGdj

z0FFAyMlzFonbTkMu79n

IxOiRvLolOiHw2lEcphyDfqqn1/A

Pi0Kkdu8Vr84Fg==

hGmJW4f0Eelq7fRazg3f1qZr

+O+SUb0HHflx55l0J5d4Fg==

raG3zxXI4rgz6Ipsia0=

OZuQHihvYzPayG4Ax70=

EYKIJDSGpYffFZOuoqU=

Targets

- Target
  
  0fa72e0e60187e79ab720cf120edab4f
- Size
  
  571KB
- MD5
  
  0fa72e0e60187e79ab720cf120edab4f
- SHA1
  
  0bc9f1238c5560286a7a0273497bee2e19b73d81
- SHA256
  
  400cf8fe4f1f1d748f7e6696227fe25164aa51e2c731e5cc621d708d0015065b
- SHA512
  
  93e9424a6d2f1c62c19397b835ddb69d48fe448e549222ba49d631467053f92625ddcb2a51c85b3bf202077c8c80e933e38b7a7fcc839c79775180ba10d73f9d
Score

10^/10

xloader nekq loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2