General

  • Target: ca8b694e39fa4434452fd6aa9f67b61a
  • Size: 652KB
  • Sample: 231222-r5ea6acgfn
  • MD5: ca8b694e39fa4434452fd6aa9f67b61a
  • SHA1: 75e3006f621b57eff1ccd1d938f913640be41185
  • SHA256: f3a030dab40094ec0236d66c4cce34ad31b0e8723c2b1191e6171b7a5dbab8de
  • SHA512: 27dba13047b33c434b92acfb5350b34f850413d1b8d9a6eb65b3f3ac80c35376d03db014da3deeeb109b6a8cdbaed8841c9bde7fa7b44ac43798697f87338ccf
  • SSDEEP: 6144:sIFJLgGpA6s7pdSS1eFQTdzaU3N2O0hmdnCeWSWSm89hK1LXwDkVBco+DC:17szBeFKGUd2O6mdniSWi9hyiu

Score: 10/10

Malware Config

Extracted

  • Family: xloader
  • Version: 2.3
  • Campaign: a0ce
  • Decoy domains:
    (list of 20 extracted decoy domains not reproduced here)

Targets

    • Target: ca8b694e39fa4434452fd6aa9f67b61a

    • Xloader: Xloader is a rebranded version of Formbook malware.
    • Xloader payload
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks