General

  • Target

    31ce7d8522a4ee3ba72ed934e7ffd70b_JaffaCakes118

  • Size

    247KB

  • Sample

    240330-de5hrsgc98

  • MD5

    31ce7d8522a4ee3ba72ed934e7ffd70b

  • SHA1

    47f2c35db86890a4b155562fa0622f10518f3df3

  • SHA256

    c04a6522c272316586333bdd0e1c78427b3dd04976d77e45d937fe763bea101f

  • SHA512

    0f41f41d4fa9deaedd8c853ebbb8689e212f279502224031833a3ae4bb07160e19ff6d031e59feaf4945851e7b2ec03132c9b7b9136c89ffc1a58e2c974def3f

  • SSDEEP

    6144:wBlL/cImhOSmCgu1lf7zDQ5kwNJ7wdsVZrXe9ajPjIRNz+U5OO:CeIcQA5UbrXeYsRcU5x

Score
10/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

hr8n

Decoy

xn--z4qv1cr56dk0k.group

trend-shopping.net

redherring.agency

jeetopesekashback.xyz

myverizonbillpay.com

enjoy-developpement.com

reals-markets-34.xyz

nobadfeelings.com

libbybruce.space

noobcakes.com

silviomicalikush.xyz

taschenhimmel.guru

terradr.one

suvsangebotguenstigdeorg.com

bercatv.com

toytraderinc.com

mintnft.energy

apnagas.com

canalsidespeech.com

oporbagehi.quest

Targets

    • Target

      31ce7d8522a4ee3ba72ed934e7ffd70b_JaffaCakes118

    • Size

      247KB

    • MD5

      31ce7d8522a4ee3ba72ed934e7ffd70b

    • SHA1

      47f2c35db86890a4b155562fa0622f10518f3df3

    • SHA256

      c04a6522c272316586333bdd0e1c78427b3dd04976d77e45d937fe763bea101f

    • SHA512

      0f41f41d4fa9deaedd8c853ebbb8689e212f279502224031833a3ae4bb07160e19ff6d031e59feaf4945851e7b2ec03132c9b7b9136c89ffc1a58e2c974def3f

    • SSDEEP

      6144:wBlL/cImhOSmCgu1lf7zDQ5kwNJ7wdsVZrXe9ajPjIRNz+U5OO:CeIcQA5UbrXeYsRcU5x

    Score
    10/10

    • Xloader

      Xloader is a rebranded version of Formbook malware.

    • Xloader payload

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    • Target

      $PLUGINSDIR/olzh.dll

    • Size

      23KB

    • MD5

      6df7a450da261bff1444fb7d6f1e2be7

    • SHA1

      839f6b3792c54ee28cd934211cadda883b47bb5d

    • SHA256

      9210ecc0b38f24856aa926ebac3427e1c63b9720a3241421b42e459cbdedd0d8

    • SHA512

      65a0ef4b32a71d97bdff2d155ee02b965445dc0db6656d6247ce09d2c13fcffb7d9ac535bf3341642f4b25aa5b1d204bba63141870f894b9631a3e537aab7c7c

    • SSDEEP

      384:BSZAHFEMvQaN2qzUhVCnJLyeVzFA1Iiv2LDg9u+ncBU5iQ1:BCAllgqzOCjVLe+g9vnSUwQ

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks