xloader

General

Target

1a57158743374e0921da27736bd82f9f
Size

854KB
Sample

231230-qy748aahhk
MD5

1a57158743374e0921da27736bd82f9f
SHA1

aab70a28915715dad73ce093aa0b8cf7a558a860
SHA256

f3238da427c80f842f5b4a789726005ac06157181d80a32105aa639b325d0330
SHA512

cdb5f45bea7052ebcfb5a9484661f8ee7f396a605116c2061fbbd6fc145c734f6bfa7c09705a0536a058a2d186c0101d195320fdca177199b574211af7ffb413
SSDEEP

12288:d137TeVv5IYL6VAO9QQOPv5Gx1MziGqLK49H2dgeYXN1jAt2NjFtOHpF:d1ripBL6VAO9QQ9my9HMy7jAMNja

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

u3r5

Decoy

alashan.ltd

demopagephequan.online

garxznql.icu

unetart.com

dajiangzhibo15.com

influencer.fund

beverlyhills.city

strefafryzur.net

giftboxhawaii.com

ecotiare.com

homeandgardenradioshow.com

sageandsandco.com

laflesoley.com

icipatanegra.online

autovistoriapredial.net

xn--polenezkypark-pmb.com

cbdamic.com

aaronandmarissa.com

datasoma.digital

theclosetology.com

Targets

- Target
  
  1a57158743374e0921da27736bd82f9f
- Size
  
  854KB
- MD5
  
  1a57158743374e0921da27736bd82f9f
- SHA1
  
  aab70a28915715dad73ce093aa0b8cf7a558a860
- SHA256
  
  f3238da427c80f842f5b4a789726005ac06157181d80a32105aa639b325d0330
- SHA512
  
  cdb5f45bea7052ebcfb5a9484661f8ee7f396a605116c2061fbbd6fc145c734f6bfa7c09705a0536a058a2d186c0101d195320fdca177199b574211af7ffb413
- SSDEEP
  
  12288:d137TeVv5IYL6VAO9QQOPv5Gx1MziGqLK49H2dgeYXN1jAt2NjFtOHpF:d1ripBL6VAO9QQ9my9HMy7jAMNja
Score

10^/10

xloader u3r5 loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2