xloader | 2c173162ecb55aba0b9bdbb9e93bdf5073eea7cca02e25e2fe8c4483f852ec7e[.]exe

General

Target

2c173162ecb55aba0b9bdbb9e93bdf5073eea7cca02e25e2fe8c4483f852ec7e.exe
Size

172KB
MD5

a051129505cd62bd6f387c2c627c2a22
SHA1

ec872f29c19d0199cf6e38e9fca06d8811bdb097
SHA256

2c173162ecb55aba0b9bdbb9e93bdf5073eea7cca02e25e2fe8c4483f852ec7e
SHA512

7c240249991a904b1ed0808bca7b41f6e8b3b181acf26cd07d8375e7c51112373e3ca7f00a13cef8292a1cd0c40428b46317fc1d6278b64ff4477b6f0858eaee
SSDEEP

3072:nLifM4usJiw5elZRXWaJdn1HQwqmfQpqvq/WYAIgKQ8Tnl:nguQ5kRXd1wwJopqvZS9L

Score

10^/10

rat poub xloader formbook

Malware Config

Extracted

Family

formbook

Campaign

poub

Decoy

WY0eksfISzRg4O6c+opnGL6gaw==

moRjn9ExtYi8UmUo+Tya

2vME+GedoxzFnuLXesUoVj4=

EvW4JWJ1NQ8nN3tA3SM=

2mK9efMZMgN1VOs=

8d0jua5b0J6AQEW7

/2cyThOd37DSTYMASDye4Q0t/Vs=

ral+tbIh2KKAQEW7

YLY9jsPtYB/FRmMo+Tya

R1WcElWAMtFxFrVqtZT2ZpIS9xRZNho=

KFXGg/T1pCC9GjrxUPTcjw==

8mMlK5nDwjjPFTP5jMtAtQ0t/Vs=

c7am8nhhlCo=

UW91trZj6dENxuRdpxOvW1Cf

sjOMUcvq6lYJCZEfV4euFzY=

62nBgPjdmWQkmWElww==

64E8JqA1aruSUvw=

NqI1reXpcR+REye0

8+y1oOsbjgSyEhjXUPTcjw==

Rx9by8gNBwN1VOs=

Signatures

Formbook family
formbook
Xloader family
xloader

Xloader payload 1 IoCs

rat

resource	yara_rule
sample	xloader

Files

2c173162ecb55aba0b9bdbb9e93bdf5073eea7cca02e25e2fe8c4483f852ec7e.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 171KB - Virtual size: 171KB

.text
Size: 171KB - Virtual size: 171KB