xloader

General

Target

0250e6bc6bd00b67b62440914f4f9d86_JaffaCakes118
Size

819KB
Sample

240930-vapp7avgrj
MD5

0250e6bc6bd00b67b62440914f4f9d86
SHA1

71ccf512311d0dc53e8cee5e05afe4253efee7f2
SHA256

e7d82461eec08c88e23ad2651e86e3a25d113dcce4402ccac789f0cffda7b71d
SHA512

4fc1eba75e8d5207270efa58298771c366c08eaefde275bf1c365a8d0aa9559593b52407d2159131cbfa7d254d558c63bcdd52dc524a8b2151776fbf02e6cb0c
SSDEEP

24576:EbQ+X8+UiDLbRHahtNrcI1UCHNda/wv7L8O3VjW:gCrj1dt2wjL8X

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

cuig

Decoy

sofiathinks-elderly.net

lahamicoast.info

2shengman.com

cbsautoplex.com

arcana-candles.com

genrage.com

kukumiou.xyz

thequizerking.com

sonataproductions.com

rebuildgomnmf.xyz

ubcoin.store

yiyouxue.net

firstlifehome.com

mdx-inc.net

gotbn-c01.com

dinobrindes.store

jcm-iso.com

cliente-mais.com

mloujewelry.com

correoversoi.quest

Targets

- Target
  
  0250e6bc6bd00b67b62440914f4f9d86_JaffaCakes118
- Size
  
  819KB
- MD5
  
  0250e6bc6bd00b67b62440914f4f9d86
- SHA1
  
  71ccf512311d0dc53e8cee5e05afe4253efee7f2
- SHA256
  
  e7d82461eec08c88e23ad2651e86e3a25d113dcce4402ccac789f0cffda7b71d
- SHA512
  
  4fc1eba75e8d5207270efa58298771c366c08eaefde275bf1c365a8d0aa9559593b52407d2159131cbfa7d254d558c63bcdd52dc524a8b2151776fbf02e6cb0c
- SSDEEP
  
  24576:EbQ+X8+UiDLbRHahtNrcI1UCHNda/wv7L8O3VjW:gCrj1dt2wjL8X
Score

10^/10

xloader cuig discovery loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2