xloader | 778a433f0c438f5f4ad261e0c14d350e37f10d8fe4ca7794da84052aa114f94c | Triage

Sharing

General

Target

247e2ce013cbda5db987f42355048389_JaffaCakes118
Size

708KB
Sample

241008-yhxmjstbkf
MD5

247e2ce013cbda5db987f42355048389
SHA1

1709f83e2066fbbfc9cac502807cb733ebafed6d
SHA256

778a433f0c438f5f4ad261e0c14d350e37f10d8fe4ca7794da84052aa114f94c
SHA512

118680110ef4ba7d344861f052a9d28a1d3a2b2095c0e365ede6341fda44a06faf74b75ab087cd3618020e7c4ef3eca556fbbb4aa63106beb9ea23e04751f5f3
SSDEEP

12288:NNSj3CYRyjC5bhPCd16IUjlNktoJEq/y6INX6LRgU7e9Yn33PZfqFszaldJmlgeF:5CVhPfNDktoGq/wKgDC3hiUaldq5LgA6

Score

10^/10

xloader s32s discovery loader rat

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

s32s

Decoy

pointsfans.com

eternalbybri.com

rajspices.com

evisucdn.com

cunerier.com

meteoagriculture.com

uplighting.net

tomigata.com

dilemmastudio.com

13kirikiriroad.com

lostboysworld.online

anemonashop.com

baiexpress.com

1033391.com

healthandsafetygadgets.com

hawaiiicelimited.com

wheels.works

post89paks.com

hangsicantho.com

theforteners.com

Targets

- Target
  
  247e2ce013cbda5db987f42355048389_JaffaCakes118
- Size
  
  708KB
- MD5
  
  247e2ce013cbda5db987f42355048389
- SHA1
  
  1709f83e2066fbbfc9cac502807cb733ebafed6d
- SHA256
  
  778a433f0c438f5f4ad261e0c14d350e37f10d8fe4ca7794da84052aa114f94c
- SHA512
  
  118680110ef4ba7d344861f052a9d28a1d3a2b2095c0e365ede6341fda44a06faf74b75ab087cd3618020e7c4ef3eca556fbbb4aa63106beb9ea23e04751f5f3
- SSDEEP
  
  12288:NNSj3CYRyjC5bhPCd16IUjlNktoJEq/y6INX6LRgU7e9Yn33PZfqFszaldJmlgeF:5CVhPfNDktoGq/wKgDC3hiUaldq5LgA6
Score

10^/10

discovery xloader s32s loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

xloaders32sdiscoveryloaderrat