xloader | 255822b98ebd625c2f862f51163ca98c1691cb65ebc9a21013a42b426e63bf88

General

Target

255822b98ebd625c2f862f51163ca98c1691cb65ebc9a21013a42b426e63bf88
Size

164KB
Sample

241121-y4nlrswrds
MD5

abe156c1201bf2bae1ae673c52b7f829
SHA1

7d131a750834db580892dcae104ad63470d51452
SHA256

255822b98ebd625c2f862f51163ca98c1691cb65ebc9a21013a42b426e63bf88
SHA512

aa6b2668322e15bd995f7de084faf009cef42f6b717d1c3c9f17e105958574768d8f67061c6975046acb743859717f4d7875ac19fdaca3daf7776abd9fecaa28
SSDEEP

3072:rJ2m+25Rk2D3qEMQ29sO2gd8N4bgOrVb1iCC4nq:8mCgXMQwTaN4b7b1

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

foi3

Decoy

bmhdyw.com

rombutan.com

dugerits.com

teamsheetz.com

jobalrtforme.com

tracoschop.com

scoopdoggy.online

skydaddy.guru

france-ais.com

mall-mrc.com

petitsiteentreamis.com

caixadepandora.club

resortcottages19.com

marcopolotogo.com

kolekonieczka.com

kloecker-versicherungen.com

howtofindahotniche.com

jiancanshu.com

solheimdesign.com

kipnesrealtygroup.com

Targets

- Target
  
  255822b98ebd625c2f862f51163ca98c1691cb65ebc9a21013a42b426e63bf88
- Size
  
  164KB
- MD5
  
  abe156c1201bf2bae1ae673c52b7f829
- SHA1
  
  7d131a750834db580892dcae104ad63470d51452
- SHA256
  
  255822b98ebd625c2f862f51163ca98c1691cb65ebc9a21013a42b426e63bf88
- SHA512
  
  aa6b2668322e15bd995f7de084faf009cef42f6b717d1c3c9f17e105958574768d8f67061c6975046acb743859717f4d7875ac19fdaca3daf7776abd9fecaa28
- SSDEEP
  
  3072:rJ2m+25Rk2D3qEMQ29sO2gd8N4bgOrVb1iCC4nq:8mCgXMQwTaN4b7b1
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2