xloader | 634f51d38eaeb5f38bf45b5dd8b09ef1413bdec23fd2223c0bc9e4767ee81158 | Triage

Sharing

General

Target

6b8c5ca9a210761d6a596da35654a61b_JaffaCakes118
Size

839KB
Sample

241022-wkyxaazdjk
MD5

6b8c5ca9a210761d6a596da35654a61b
SHA1

5e5a33b9ef25d92065c6f89920bb4b6cc690033b
SHA256

634f51d38eaeb5f38bf45b5dd8b09ef1413bdec23fd2223c0bc9e4767ee81158
SHA512

52e70b69864680f5e1a44c4bad09f97c83781ee7b27ee9d8799229e524f76155b1e7abd9fa850064ac97c930b8e499c37ea0566f503b149be60aa85290cef864
SSDEEP

12288:1En/4qdHK7zvrsTfD/PG3fMSEmjGLD8e39t7zBNJawG525oxElWc5e7BH6YA:GgJP+r/PG3fMMCLD8e3wv7ahc

Score

10^/10

xloader q4kr discovery loader rat

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

q4kr

Decoy

realmodapk.com

hanoharuka.com

shivalikspiritualproducts.com

womenshealthclinincagra.com

racketpark.com

startuporig.com

azkachinas.com

klanblog.com

linuxradio.tools

siteoficial-liquida.com

glsbuyer.com

bestdeez.com

teens2cash.com

valleyviewconstruct.com

myfortniteskins.com

cambecare.com

csec2011.com

idookap.com

warmwallsrecords.com

smartmirror.one

Targets

- Target
  
  6b8c5ca9a210761d6a596da35654a61b_JaffaCakes118
- Size
  
  839KB
- MD5
  
  6b8c5ca9a210761d6a596da35654a61b
- SHA1
  
  5e5a33b9ef25d92065c6f89920bb4b6cc690033b
- SHA256
  
  634f51d38eaeb5f38bf45b5dd8b09ef1413bdec23fd2223c0bc9e4767ee81158
- SHA512
  
  52e70b69864680f5e1a44c4bad09f97c83781ee7b27ee9d8799229e524f76155b1e7abd9fa850064ac97c930b8e499c37ea0566f503b149be60aa85290cef864
- SSDEEP
  
  12288:1En/4qdHK7zvrsTfD/PG3fMSEmjGLD8e39t7zBNJawG525oxElWc5e7BH6YA:GgJP+r/PG3fMMCLD8e3wv7ahc
Score

10^/10

xloader q4kr discovery loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xloaderq4krdiscoveryloaderrat

behavioral2

xloaderq4krdiscoveryloaderrat