xloader

General

Target

7686006127.zip
Size

1.0MB
Sample

220701-y8z6cscdc8
MD5

f9f00e3aab765c95af92ddcfee1789d5
SHA1

e418d9064da1481f24061be3a4fa51dc97525d91
SHA256

4b356a2936a1032bd1ddfa1915e3ac3b49339e2aa7cf9ea2d327cabbed9afb24
SHA512

9a552a55bdf5bc6e61c09c8f3f2369f1563e56b9d246708de9eda0a14a0e061c28da616d56bdfe6678f1f8b8a305caf1fcbb2e00c109fe6d88d3cbcb165a5ff4

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

p086

Decoy

jinshichain.com

worldpettraveler.com

hightecforpc.com

kj97fm.com

streetnewstv.com

webrew.club

wheretogodubai.com

apostapolitica.net

thecafy.com

vinelosangeles.com

gashinc.com

gutitout.net

bvd-invest.com

realtoroutdesk.com

lawnbowlstournaments.net

nobodyisillegal.com

abogadoorihuela.net

sanistela.com

jksecurityworld.com

peppermintproject.com

Targets

- Target
  
  75f51a1c8248ee392cbf556ead0a8dd1e7dcb88dd83505b6cc66825d4f040c4c
- Size
  
  1.3MB
- MD5
  
  38d3b72debd93d5242cae5c6639522cd
- SHA1
  
  9d685ef4cd53df07d20d514e1abb8bcbd8718028
- SHA256
  
  75f51a1c8248ee392cbf556ead0a8dd1e7dcb88dd83505b6cc66825d4f040c4c
- SHA512
  
  a80ff2a01cc92f05617c0835931ae655af1fd91c962aa733feefff0efc4131bc3d2e3573ba047e57316d0e283fa8888d2ca1bdb6b507b9d2fdaa3599dc61eb9a
Score

10^/10

xloader p086 loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2