General

  • Target

    3608-229-0x0000000000000000-mapping.dmp

  • Size

    168KB

  • MD5

    2cb73fe97c2acfd826549c755012a677

  • SHA1

    51613cd1f836cb94b4c945ca4542834d92c8651f

  • SHA256

    48f40d869655ebaad0f5b79bf0293a4dea809cfabbfd45bebfb0f4bed32606bc

  • SHA512

    6088c2dd6a39b1ac22a49c6d13eddcfd8253883deeff660938f23f2cab2811307e7f2c425dfb7dcdd7ba448e3eafada679da24c5f3d49644483c3015b6685a2c

  • SSDEEP

    3072:3TpfE220vyTdHGM/pvANOhY97AeRz08wqxRFcaHxEG:3tpimM/hMIY97Aqz08bzrGG

Score
10/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

euv4

Decoy

Signatures

  • Xloader family
  • Xloader payload 1 IoCs

Files

  • 3608-229-0x0000000000000000-mapping.dmp