xloader

General

Target

53b8c0b31af3ba5de658c119e39f73bc
Size

585KB
Sample

240111-rgel1shcfq
MD5

53b8c0b31af3ba5de658c119e39f73bc
SHA1

946d13ae1bcc275b3b1e3542b08f04803a93b50a
SHA256

4311e97e616734f94d1aa4d38f37679749ae84513d132aee134fbc364d25b6ec
SHA512

a2963aeca88f486c519fec957878616182c62ff7fb5f2fda36816678594a4b54192abe56088666328142ddef7479621222de66c5e74a52f69f9756463e417436
SSDEEP

12288:WXe9PPlowWX0t6mOQwg1Qd15CcYk0We10dOi0I9xkhHnSumVWvc/dNNcEUKc:rhloDX0XOf4pI9mhHisENWj

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

noi6

Decoy

yow.today

rkdreamcreations.com

etheriumtech.com

stretchwrench.com

kiddiecruise.com

stickforward.com

videocineproduccion.com

roofinginamerica.com

amarillasnuevomexico.com

armfieldmillerripley.com

macyburn.club

lvbaoshan.com

shopshelponline.com

thebunnybrands.com

newsxplor.com

momunani.com

rebelnqueen.com

tusguitarras.com

nexab2b.com

e3office.express

Targets

- Target
  
  53b8c0b31af3ba5de658c119e39f73bc
- Size
  
  585KB
- MD5
  
  53b8c0b31af3ba5de658c119e39f73bc
- SHA1
  
  946d13ae1bcc275b3b1e3542b08f04803a93b50a
- SHA256
  
  4311e97e616734f94d1aa4d38f37679749ae84513d132aee134fbc364d25b6ec
- SHA512
  
  a2963aeca88f486c519fec957878616182c62ff7fb5f2fda36816678594a4b54192abe56088666328142ddef7479621222de66c5e74a52f69f9756463e417436
- SSDEEP
  
  12288:WXe9PPlowWX0t6mOQwg1Qd15CcYk0We10dOi0I9xkhHnSumVWvc/dNNcEUKc:rhloDX0XOf4pI9mhHisENWj
Score

10^/10

xloader noi6 loader rat upx
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

UPX packed file

AutoIT Executable

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2