xloader | 38f0565e0b9aca9484c972d69d63803253c014f1a1e90e1b86b9b8e0035b606a | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

38f0565e0b9aca9484c972d69d63803253c014f1a1e90e1b86b9b8e0035b606a
Size

806KB
Sample

220707-prkjxagcfk
MD5

2a552d3676776043ba816a122691e003
SHA1

29f799ce2d6e4268603e5ca310621eda23b92bd7
SHA256

38f0565e0b9aca9484c972d69d63803253c014f1a1e90e1b86b9b8e0035b606a
SHA512

55eb70369368044a654578a703e0856cdc505d2e312dd488216937ca2149f45b785610727713c713b87846f79840e0034cce7aa533fe05a37eb1911a8f331fbf

Score

10^/10

xloader loader rat

Static task

static1

Behavioral task

behavioral1

Sample

38f0565e0b9aca9484c972d69d63803253c014f1a1e90e1b86b9b8e0035b606a.exe

Resource

win10v2004-20220414-en

xloader loader rat

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

https://textbin.net/raw/a3gbusy118

Targets

- Target
  
  38f0565e0b9aca9484c972d69d63803253c014f1a1e90e1b86b9b8e0035b606a
- Size
  
  806KB
- MD5
  
  2a552d3676776043ba816a122691e003
- SHA1
  
  29f799ce2d6e4268603e5ca310621eda23b92bd7
- SHA256
  
  38f0565e0b9aca9484c972d69d63803253c014f1a1e90e1b86b9b8e0035b606a
- SHA512
  
  55eb70369368044a654578a703e0856cdc505d2e312dd488216937ca2149f45b785610727713c713b87846f79840e0034cce7aa533fe05a37eb1911a8f331fbf
Score

10^/10

xloader loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xloaderloaderrat

© 2018-2024

Terms | Privacy