xloader | 59048fa3b523121866f79a8a2f7a3c9c7cf609a98be5a1ec296030de2353d559

General

Target

59048fa3b523121866f79a8a2f7a3c9c7cf609a98be5a1ec296030de2353d559
Size

163KB
MD5

f228118bb37f4c6d103d3ab25638f10a
SHA1

456c65c3ba33e6b0c8fdb4d0819b021ad1b7af69
SHA256

59048fa3b523121866f79a8a2f7a3c9c7cf609a98be5a1ec296030de2353d559
SHA512

ac6479c4b157a4012b7e9c56ee75b8a07eb8d443a29c12f5b654c507c1ac70dafdfb197dd4792aa0ed0425fe90cd933319fc6dc5524e1dafbd2bab272cc3cf16
SSDEEP

3072:h7pS+2z/WdUqL7MzUS47N1p9ju4TFN8L0RJo0zhqgn9S8:hsYpHMzJOJ9ju4T+Mm0z0gs8

Score

10^/10

rat fk84 xloader

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

fk84

Decoy

indianasheriffs.info

yuanyeong.com

growmato-project.com

juvak.xyz

selmarsolutions.com

guaranteedrepair.com

yescotwis.quest

journee-interimaire.com

pass-sfc.net

thinkingintomiracles.com

klaserclinic.com

sunspire.store

uvowtae.xyz

malcoruesch.com

flower.contractors

b98u3e.com

fulaxiong.com

jasarenovasitukang.com

tllddb.com

breackae.xyz

Signatures

Xloader family
xloader

Xloader payload 1 IoCs

rat

resource	yara_rule
sample	xloader

Files

59048fa3b523121866f79a8a2f7a3c9c7cf609a98be5a1ec296030de2353d559
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 159KB - Virtual size: 158KB

.text
Size: 159KB - Virtual size: 158KB