General

  • Target

    e0c4de5dd6fc348f8d6d475c20da8e7b

  • Size

    835KB

  • Sample

    240327-e2z28scg36

  • MD5

    e0c4de5dd6fc348f8d6d475c20da8e7b

  • SHA1

    a49a0cf25cbc520a0d43791aeca50390ba86b86f

  • SHA256

    e07fbf3b9adba7e4aceb5cc6804c0002ee01c000d4e67ff3227f59eb9949c80e

  • SHA512

    0347d69efd04063ea9a77ca0b2b98827b993c6ca80e3ae713f48d0c3d5bba1f6e03e5d375d5da946dedb45dfebcaed37a0b7c68b7daec6836cb4fedbeb64fcb1

  • SSDEEP

    12288:eDoR65AXwgFvuSSXszJCo0LLJQmf/dDhZxrAPnx/eE77w31nctqRyNnTJk/dWl2m:0oR6qgtrLLyYvxktN43qCyB1k/dWl2m

Score
10/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

wufn

Decoy

rsautoluxe.com

theroseofsharonsalon.com

singnema.com

nathanielwhite108.com

theforumonline.com

iqpt.info

joneshondaservice.com

fafene.com

solanohomebuyerclass.com

zwq.xyz

searchlakeconroehomes.com

briative.com

frystmor.city

systemofyouth.com

sctsmney.com

tv-safetrading.com

thesweetboy.com

occulusblu.com

pawsthemomentpetphotography.com

travelstipsguide.com

Targets

    • Target

      e0c4de5dd6fc348f8d6d475c20da8e7b

    • Size

      835KB

    • MD5

      e0c4de5dd6fc348f8d6d475c20da8e7b

    • SHA1

      a49a0cf25cbc520a0d43791aeca50390ba86b86f

    • SHA256

      e07fbf3b9adba7e4aceb5cc6804c0002ee01c000d4e67ff3227f59eb9949c80e

    • SHA512

      0347d69efd04063ea9a77ca0b2b98827b993c6ca80e3ae713f48d0c3d5bba1f6e03e5d375d5da946dedb45dfebcaed37a0b7c68b7daec6836cb4fedbeb64fcb1

    • SSDEEP

      12288:eDoR65AXwgFvuSSXszJCo0LLJQmf/dDhZxrAPnx/eE77w31nctqRyNnTJk/dWl2m:0oR6qgtrLLyYvxktN43qCyB1k/dWl2m

    Score
    10/10
    • Xloader

      Xloader is a rebranded version of Formbook malware.

    • Xloader payload

    • Suspicious use of SetThreadContext
