General

  • Target

    53d55c75030ff7d58afd45080fa00dd2

  • Size

    160KB

  • MD5

    53d55c75030ff7d58afd45080fa00dd2

  • SHA1

    491f757c4131847c8c64247191c8c4d3619be5ec

  • SHA256

    0a27390d4913479f0929cd8ae68ca7f1e7f5c48139e3552677cc19a27d42a935

  • SHA512

    f3cd525ce30d770ab512b28a9e0da384f240a4946515cd1898586fb7125a2b4023014d24dcbf63aa86246f9b41f21ae90f0d9b92817c05f5b9ddb96e604a5a14

  • SSDEEP

    3072:yyBcst6tZJAxgC2oWNd336/Ktt0OWNXRJfUqZhEktnS1AVL+Q:yJrjloWfnMKtCOWNXRq8znSm8Q

Score
10/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

wufn

Decoy


Signatures

  • Xloader family
  • Xloader payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 53d55c75030ff7d58afd45080fa00dd2
    .exe windows:5 windows x86 arch:x86

