xloader

General

Target

d0efe01f8cfc6414df7959774ec7bf2a
Size

1.1MB
Sample

220727-1pxbgadeg8
MD5

d0efe01f8cfc6414df7959774ec7bf2a
SHA1

a90e7ebd25303d7c8c79ce253c3f6fc08f029db7
SHA256

989e93ad8738333d602fecab4c5a709168cfcf21aa75daaf7e24623b9d81b228
SHA512

9c8e55243a0e628116d7aff2411a51e10d7aeb1f3269f5474027a9aca9497b0bae1db3e5fdbc76c4fd76191ed503bc74e32eb3af515a34ba39c5c3662927857a

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

zgtb

Decoy

gabriellep.com

honghe4.xyz

anisaofrendas.com

happy-tile.com

thesulkies.com

international-ipo.com

tazeco.info

hhhzzz.xyz

vrmonster.xyz

theearthresidencia.com

sportape.xyz

elshadaibaterias.com

koredeiihibi.com

taxtaa.com

globalcityb.com

fxivcama.com

dagsmith.com

elmar-bhp.com

peakice.net

jhcdjewelry.com

Targets

- Target
  
  d0efe01f8cfc6414df7959774ec7bf2a
- Size
  
  1.1MB
- MD5
  
  d0efe01f8cfc6414df7959774ec7bf2a
- SHA1
  
  a90e7ebd25303d7c8c79ce253c3f6fc08f029db7
- SHA256
  
  989e93ad8738333d602fecab4c5a709168cfcf21aa75daaf7e24623b9d81b228
- SHA512
  
  9c8e55243a0e628116d7aff2411a51e10d7aeb1f3269f5474027a9aca9497b0bae1db3e5fdbc76c4fd76191ed503bc74e32eb3af515a34ba39c5c3662927857a
Score

10^/10

xloader zgtb loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2