xloader | c1ce2e8d13a1272f8f4db5ff64b9fa10660d7040f71ac3de3e09a775daade60e | Triage

Sharing

General

Target

0805c568ebc462721f7eb11b15689d51_JaffaCakes118
Size

209KB
Sample

241002-almdzs1gjh
MD5

0805c568ebc462721f7eb11b15689d51
SHA1

ec3aeab30e49c7923783896142187e61927595ef
SHA256

c1ce2e8d13a1272f8f4db5ff64b9fa10660d7040f71ac3de3e09a775daade60e
SHA512

797a8b2a766137f315895d7704468b47b1c191283b9c3f0c3d1754b4693147e4764efe56cd3dd549ef39429731832fe824f1e5ad4882233e99565a3253f6b183
SSDEEP

6144:Fn+MK4LoaK4iIFOpOyrbrH0dltBhqz1SC1mGTlu0rO6304:Fn+RvaziIuOUH0dltBkhS5GAkb

Score

10^/10

xloader ieqo discovery loader rat

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

ieqo

Decoy

new-post-25782.xyz

podcastrrr.com

babyspageelong.com

boaddeo.club

distribuzionemedica.com

peaceofminderbinder.com

abbyrosemusic.com

odessawildliferemoval.com

prosperasight.com

liibbyapp.com

shandaferguson.com

kirsehiryenihaber.com

secured07b-chase.com

leanonmelifeadvice.com

securemtgs.com

temgk255.space

lunasparallevar.com

transportesdario.com

redwork.club

directopolis.com

Targets

- Target
  
  Payment Slip.exe
- Size
  
  223KB
- MD5
  
  5cdcec900819b181a01ea4c007995969
- SHA1
  
  d71954224a3c986ac4a7f116d4067d98257cfbb5
- SHA256
  
  7fd75617ee39e8ed51f7e118f0aa46b83916dbf0d1d769e088c3fca7a4c0014f
- SHA512
  
  e741d7658397cb8f8c581bd3d2c3807b93f9e987ff10668e5d7cea6dee149553392ee32be3983cc4adc9340cfe9ff3915a91faec9ad4a74574c0299d6c4761ad
- SSDEEP
  
  3072:1g10r0K/C7MAov2zdV2JE/0unArFJHJlrAlfidgVkmv058mZT6+upQkdO7:1q0rpsMA+krMBBJHJZdnrb6+uQ
Score

10^/10

xloader ieqo discovery loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xloaderieqodiscoveryloaderrat

behavioral2

xloaderieqodiscoveryloaderrat