xloader

General

Target

60c1e3543bef5489370f880d332f2358_JaffaCakes118
Size

817KB
Sample

241020-gy168svfpm
MD5

60c1e3543bef5489370f880d332f2358
SHA1

c6c84fe8b32dcbf8fd8ba7da133ed444d6598bf4
SHA256

db49dbfeed349b8c5ac59aab65bd065a7e9d90a1a45bcee96301fae6cfd508ef
SHA512

7a00790a5676984d83686d6822798ed1b5c3078090699d6897a9bacd992c3369e614f623767a8d34062fa9654eb567c491052c486ea7fb9461987b148b36bad0
SSDEEP

24576:t9nGW5brV2HONizwaqD2Ip0ASwVPu00pji1BLOUAWFxu:tj53VN0w2Su

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

ixwn

Decoy

drmarshaskinner.com

lovablebrows.com

cnfmc.com

post1fr.com

54243474945delta5424.com

lauded.world

clansix.xyz

swipesells.com

au-hokuriku.com

alyxhoulie.com

kuponbank.com

unicdn.xyz

stearmanestates.com

shmily.life

hennessy-maluma.com

czechagents.com

zywbiiu.icu

gree-th.com

naturalboho.com

plusometer.com

Targets

- Target
  
  60c1e3543bef5489370f880d332f2358_JaffaCakes118
- Size
  
  817KB
- MD5
  
  60c1e3543bef5489370f880d332f2358
- SHA1
  
  c6c84fe8b32dcbf8fd8ba7da133ed444d6598bf4
- SHA256
  
  db49dbfeed349b8c5ac59aab65bd065a7e9d90a1a45bcee96301fae6cfd508ef
- SHA512
  
  7a00790a5676984d83686d6822798ed1b5c3078090699d6897a9bacd992c3369e614f623767a8d34062fa9654eb567c491052c486ea7fb9461987b148b36bad0
- SSDEEP
  
  24576:t9nGW5brV2HONizwaqD2Ip0ASwVPu00pji1BLOUAWFxu:tj53VN0w2Su
Score

10^/10

xloader ixwn discovery loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2