General
-
Target
9865e01c07005c2c391aca7c2a6fd527573f3fcd48b2e8577f2eab14ba6f55d2
-
Size
524KB
-
Sample
240811-apw3lawbnq
-
MD5
89b94e1ed5a44eb05adba3a516f010fb
-
SHA1
d5566abf7944d1ba830515eacf0b4647bf907bb4
-
SHA256
9865e01c07005c2c391aca7c2a6fd527573f3fcd48b2e8577f2eab14ba6f55d2
-
SHA512
edc0c56a33e4e4747c1d7306f4d777759c426a375d0283bc5f5af9b9ee7aa365602bb4dd43697d23bcbca82f35537b04f71d9bdf0cf23aebeda277dc30878e21
-
SSDEEP
12288:X9pL8dQnSsG5u8j/cYRHFuVv32+XAEDuME4lbMIOy:X9pL8dQnSsG5umRHFKjXAED+ibMXy
Malware Config
Extracted
xloader
2.3
ma3c
bensimonconstructions.com
margaretta.info
getreireply.com
jamierighetti.com
gxjljc.com
internet-exerzitien.com
appetiteintelligence.com
buscar-id-apple.com
unique-bikinis.com
enclassique.com
dafontonline.com
northamericancarbonexchange.com
yashasvsaluja.com
sn-international.com
humanvitality.site
sarahcasias.com
xn--vrv276h3cb.com
curiget.xyz
anxietyattackscure.com
angelstonecrystals.com
Targets
-
-
Target
9865e01c07005c2c391aca7c2a6fd527573f3fcd48b2e8577f2eab14ba6f55d2
-
Size
524KB
-
MD5
89b94e1ed5a44eb05adba3a516f010fb
-
SHA1
d5566abf7944d1ba830515eacf0b4647bf907bb4
-
SHA256
9865e01c07005c2c391aca7c2a6fd527573f3fcd48b2e8577f2eab14ba6f55d2
-
SHA512
edc0c56a33e4e4747c1d7306f4d777759c426a375d0283bc5f5af9b9ee7aa365602bb4dd43697d23bcbca82f35537b04f71d9bdf0cf23aebeda277dc30878e21
-
SSDEEP
12288:X9pL8dQnSsG5u8j/cYRHFuVv32+XAEDuME4lbMIOy:X9pL8dQnSsG5umRHFKjXAED+ibMXy
Score10/10-
Xloader
Xloader is a rebranded version of Formbook malware.
-
Xloader payload
-
Suspicious use of SetThreadContext
-