xloader

General

Target

fa84498e7c2f782eb7e2fbc031f70859_JaffaCakes118
Size

1.3MB
Sample

240419-rzk7hseg94
MD5

fa84498e7c2f782eb7e2fbc031f70859
SHA1

cbc9482a3e102f8f2f76b07424b7580c475e7900
SHA256

85d66b1ddbd5ebdb7be3883335db72866c2c3a51f96a81655af51e6f139bb228
SHA512

36e32b1df238c22840b8d1dc9351fe13ce538bd4efe3a2a31d6673404133457c2084e8bd9a3cda15f5b71c88e16261f3884036042d0975b8feabf21079413b62
SSDEEP

24576:sQ1ftboSzyRuGj6N/i44rhXZNus89UrmMnfk/iQ2+S0dS:syt/MuhbcWsaU9fk/Pjg

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

h388

Decoy

americangrindstone.com

qdy6.club

bestsecretrecipes.info

11restoran.com

mrhashtags.com

theexecutivestudio.com

levilatte.com

indiantrio.com

msdhigh.com

spartandiesel.com

soccersundays.com

eliteworldcars.com

superlemon001.com

greenlight.school

kuryeforum.xyz

abc-322.com

campbellretreat.com

argonmode.net

movievilla.info

brateix.info

Targets

- Target
  
  fa84498e7c2f782eb7e2fbc031f70859_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  fa84498e7c2f782eb7e2fbc031f70859
- SHA1
  
  cbc9482a3e102f8f2f76b07424b7580c475e7900
- SHA256
  
  85d66b1ddbd5ebdb7be3883335db72866c2c3a51f96a81655af51e6f139bb228
- SHA512
  
  36e32b1df238c22840b8d1dc9351fe13ce538bd4efe3a2a31d6673404133457c2084e8bd9a3cda15f5b71c88e16261f3884036042d0975b8feabf21079413b62
- SSDEEP
  
  24576:sQ1ftboSzyRuGj6N/i44rhXZNus89UrmMnfk/iQ2+S0dS:syt/MuhbcWsaU9fk/Pjg
Score

10^/10

xloader h388 loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2