xloader

General

Target

SecuriteInfo.com.W32.AIDetectNet.01.10177.26773
Size

816KB
Sample

220809-mstg4aagd9
MD5

d7fcb51b3e93ea2e70a02de4b2c0011e
SHA1

c5df652175290e899cfe98ad8ee2b246c485b613
SHA256

18168b3b4264b7b6a54ba58f1297579e93005bea584f95db6ab7631ab64e456c
SHA512

41be8b04263a486aae525e3f16a60b4071f47ffe672ebe719d2a9f4be5ac61908db38de07448086912c3fc9b5f9140dbde7947e9c42f5a1e40b56aaa7b74e3e0

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

vweq

Decoy

liharyo.store

irts-byscioteq.com

364665.com

doorknob.xyz

flowerempire.online

wintec-beratung.com

samadidentalclinics.com

rachelallencounseling.com

luprs.online

dcyshopingit.website

dadagaga.group

modayunpocomas.com

yishanone.com

zaqqerr.com

mojavestack.com

investors-field.com

villanewinsxr.com

sdlanyutu.com

inno-link.tech

shuangyingmaoyi.com

Targets

- Target
  
  SecuriteInfo.com.W32.AIDetectNet.01.10177.26773
- Size
  
  816KB
- MD5
  
  d7fcb51b3e93ea2e70a02de4b2c0011e
- SHA1
  
  c5df652175290e899cfe98ad8ee2b246c485b613
- SHA256
  
  18168b3b4264b7b6a54ba58f1297579e93005bea584f95db6ab7631ab64e456c
- SHA512
  
  41be8b04263a486aae525e3f16a60b4071f47ffe672ebe719d2a9f4be5ac61908db38de07448086912c3fc9b5f9140dbde7947e9c42f5a1e40b56aaa7b74e3e0
Score

10^/10

xloader vweq loader persistence rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Adds policy Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

2

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

Adds policy Run key to start application

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2