xloader

General

Target

2fbbab17658dcde448682cc54c33365c_JaffaCakes118
Size

496KB
Sample

240709-kw3ttswapj
MD5

2fbbab17658dcde448682cc54c33365c
SHA1

97ecc1fe2065cb5c509e824c6583b3d589ae7bf5
SHA256

56b03d3827cb209e0cb9fd3410418844f2791a4108e7424c57607c10b328f5f0
SHA512

e92de8a7baf6213b991b4778d6ecc718ba502b41eba273331b51e340bd7e60cc1f57e82f1b3be46af684b98084db61a1d367fa1eca04f5c16a5f9d91ba515757
SSDEEP

12288:bqDmrfjC2IxWQ8/yhWrUgG+bdnAXVnDt:bXfIU9VhA7

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

ur06

Decoy

philippebrooksdesign.com

cmoorestudio.com

profille-sarina23tammara.club

dqulxe.com

uiffinger.com

nolarapper.com

maconanimalexterminator.com

bisovka.com

loveisloveent.com

datication.com

spxo66.com

drhelpnow.com

ladybug-cle.com

macocome.com

thepoppysocks.com

eldritchparadox.com

mercadolibre.company

ismartfarm.com

kansascarlot.com

kevinld.com

Targets

- Target
  
  2fbbab17658dcde448682cc54c33365c_JaffaCakes118
- Size
  
  496KB
- MD5
  
  2fbbab17658dcde448682cc54c33365c
- SHA1
  
  97ecc1fe2065cb5c509e824c6583b3d589ae7bf5
- SHA256
  
  56b03d3827cb209e0cb9fd3410418844f2791a4108e7424c57607c10b328f5f0
- SHA512
  
  e92de8a7baf6213b991b4778d6ecc718ba502b41eba273331b51e340bd7e60cc1f57e82f1b3be46af684b98084db61a1d367fa1eca04f5c16a5f9d91ba515757
- SSDEEP
  
  12288:bqDmrfjC2IxWQ8/yhWrUgG+bdnAXVnDt:bXfIU9VhA7
Score

10^/10

xloader ur06 loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2