Overview

overview

10

Static

static

10

3424-398-0...ry.exe

windows7-x64

1

3424-398-0...ry.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3424-398-0x0000000010410000-0x000000001043B000-memory.dmp

  • Size

    172KB

  • Sample

    230615-r96afaaa67

  • MD5

    0ae0293bc13c385d34a854b7ab57d566

  • SHA1

    9bcf598dfc7f5bda9004aab0a4fd0c186d66793c

  • SHA256

    1603b72ec7a58b1097b79e8adaffe397fc1edb1c3adddef1726dc4ac3619af50

  • SHA512

    9599ac8277f33d1bb432a123d05d92e28bdf32eaa4ed5e95f85d325cbad2be98b63ae592b0e858511e8c810cd94ebdba38460d9b772446f62b8f9cf52932b6b8

  • SSDEEP

    3072:YyBTloLdN+pcW0w/ZBmWs81zQUQsolaoJN4Nv57Xg8ryHu:Yyc5NyN/ZBx1zEdYoJN4NvdXgoyHu

Score
10/10
xloaderuj3crat

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

uj3c

Decoy

copimetro.com

choonchain.com

luxxwireless.com

fashionweekofcincinnati.com

campingshare.net

suncochina.com

kidsfundoor.com

testingnyc.co

lovesoe.com

vehiclesbeenrecord.com

socialpearmarketing.com

maxproductdji.com

getallarticle.online

forummind.com

arenamarenostrum.com

trisuaka.xyz

designgamagazine.com

chateaulehotel.com

huangse5.com

esginvestment.tech

Targets

    • Target

      3424-398-0x0000000010410000-0x000000001043B000-memory.dmp

    • Size

      172KB

    • MD5

      0ae0293bc13c385d34a854b7ab57d566

    • SHA1

      9bcf598dfc7f5bda9004aab0a4fd0c186d66793c

    • SHA256

      1603b72ec7a58b1097b79e8adaffe397fc1edb1c3adddef1726dc4ac3619af50

    • SHA512

      9599ac8277f33d1bb432a123d05d92e28bdf32eaa4ed5e95f85d325cbad2be98b63ae592b0e858511e8c810cd94ebdba38460d9b772446f62b8f9cf52932b6b8

    • SSDEEP

      3072:YyBTloLdN+pcW0w/ZBmWs81zQUQsolaoJN4Nv57Xg8ryHu:Yyc5NyN/ZBx1zEdYoJN4NvdXgoyHu

    Score
    5/10

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks