xloader

General

Target

03d9cbee9522c2c8a267b7e9599a9d245c35c7ac
Size

297KB
Sample

230201-fv7zyaca28
MD5

1389a18fcec0387decef3285f554284c
SHA1

03d9cbee9522c2c8a267b7e9599a9d245c35c7ac
SHA256

b4e90d54cb2c30b79086c1b143ecaa786a8e3866478c8d02755a5af2522f6337
SHA512

836a3447d3b9f76060fc8a3bab4491cb7ac01a70eaac0636e1726bbb444fde7ec9af8e4d0bef9dd395b0af30cd3ff6bfe4a6473a7c37b82f2bf1650db7043ab9
SSDEEP

6144:aDEMO1jp2qn9FrB/WOUh97Zl9T0cP1jRLTxpeRq0mRAHN61Z:wElDXn9FLUPBT0cNZYFmRWwZ

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

hxyz

Decoy

rocketfail.info

myktbw.com

weednbooze.com

payme-checkout.com

mrt2022.com

uokyasti.icu

hoteldesilvapiaseczno.com

hcdongli.net

8usd.com

africasupplychainthinktank.com

50by250.net

thelsdesign.com

lauraapine.com

albrightonhouse.com

m-arad-attorney.com

wongtangstore8.host

davisandstine.com

catcatwoman9camcomto.photos

jumpstarbungee.com

complexx-industries.com

Targets

- Target
  
  03d9cbee9522c2c8a267b7e9599a9d245c35c7ac
- Size
  
  297KB
- MD5
  
  1389a18fcec0387decef3285f554284c
- SHA1
  
  03d9cbee9522c2c8a267b7e9599a9d245c35c7ac
- SHA256
  
  b4e90d54cb2c30b79086c1b143ecaa786a8e3866478c8d02755a5af2522f6337
- SHA512
  
  836a3447d3b9f76060fc8a3bab4491cb7ac01a70eaac0636e1726bbb444fde7ec9af8e4d0bef9dd395b0af30cd3ff6bfe4a6473a7c37b82f2bf1650db7043ab9
- SSDEEP
  
  6144:aDEMO1jp2qn9FrB/WOUh97Zl9T0cP1jRLTxpeRq0mRAHN61Z:wElDXn9FLUPBT0cNZYFmRWwZ
Score

10^/10

xloader hxyz loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2