xloader

General

Target

513662df09fcab9f043d540bb6351a27.exe
Size

528KB
Sample

240110-x2gvrseefm
MD5

513662df09fcab9f043d540bb6351a27
SHA1

749abbc72ea86fceadc098d075e833476f37d3e7
SHA256

f7874bc0170a407c11645c0c47a33da911dc78d882e4c0f3e1dc072232bb106a
SHA512

3ebcb2f88bb31229d1db8b184669f714e33c3e65f54474993b79f207826f44fc0b700b39516d2f4016efc789a2389b995d7ebe6932a3e9eae6fed354f3095b8d
SSDEEP

12288:yMJL7Rz1UNWbheLTqjYlNi/OV+o/Hg9aWBgwiUO:l9Hh05zXV+o/8vBgzUO

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

m64e

Decoy

fashionrep.info

jglbjc.com

directoroa.com

e-lectricbike.net

sacredcircleradio.com

impactnewsworld.com

baltourbus.com

strexesa.com

dhdhfund.com

seascape.vacations

prosperitywhiz.com

black-quartz.com

shuokongtech.com

theuniversalwaits.com

playastudio.club

wjusbgfkw.icu

admissionguide.info

tabernacleofgodint.com

msproblemsolver.com

mtnrdgo365.com

Targets

- Target
  
  513662df09fcab9f043d540bb6351a27.exe
- Size
  
  528KB
- MD5
  
  513662df09fcab9f043d540bb6351a27
- SHA1
  
  749abbc72ea86fceadc098d075e833476f37d3e7
- SHA256
  
  f7874bc0170a407c11645c0c47a33da911dc78d882e4c0f3e1dc072232bb106a
- SHA512
  
  3ebcb2f88bb31229d1db8b184669f714e33c3e65f54474993b79f207826f44fc0b700b39516d2f4016efc789a2389b995d7ebe6932a3e9eae6fed354f3095b8d
- SSDEEP
  
  12288:yMJL7Rz1UNWbheLTqjYlNi/OV+o/Hg9aWBgwiUO:l9Hh05zXV+o/8vBgzUO
Score

10^/10

xloader m64e loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2