xloader | d1cac8f1a8b1973ac5ce34e116ab77fda5a06bb05e35000596d076eeb3db9169

General

Target

d1cac8f1a8b1973ac5ce34e116ab77fda5a06bb05e35000596d076eeb3db9169
Size

164KB
Sample

241121-y65ytsxjcy
MD5

ff2b1c3dc9ebdd13567a67ef664db4e5
SHA1

cfff21853203cc07f64722987dfd74a66de90304
SHA256

d1cac8f1a8b1973ac5ce34e116ab77fda5a06bb05e35000596d076eeb3db9169
SHA512

592a6ce8746d8b34bd3ea60f505e9129edb5dc94364c4e9da95152e33314598af2162ec3b3388427a05d405edd1924c221cf79bc692e6e0d82ed4b52b18b2ca4
SSDEEP

3072:xCJ1iBaj5wD0fMW/RMpNw1mE48BzY15Q5IKcgWwnfuwQ+N:xsB/5Mp6IP8BzY15bKkwWwvN

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

ub4t

Decoy

zmaonaz.com

theconciergenursenetwork.com

eyfliq.com

irassari-goods.com

worcesterhistory.store

carservicescloud.net

kbmarket.xyz

magentaharbor.com

dandeelock.com

rentaprousa.com

oreillyandrew.com

sitrackline.com

scienceworldapub.com

learnworlds-partners.com

koodar.com

28mpt.xyz

condiscrezione.com

q1n.space

cooltrue.xyz

hajcgac.xyz

Targets

- Target
  
  d1cac8f1a8b1973ac5ce34e116ab77fda5a06bb05e35000596d076eeb3db9169
- Size
  
  164KB
- MD5
  
  ff2b1c3dc9ebdd13567a67ef664db4e5
- SHA1
  
  cfff21853203cc07f64722987dfd74a66de90304
- SHA256
  
  d1cac8f1a8b1973ac5ce34e116ab77fda5a06bb05e35000596d076eeb3db9169
- SHA512
  
  592a6ce8746d8b34bd3ea60f505e9129edb5dc94364c4e9da95152e33314598af2162ec3b3388427a05d405edd1924c221cf79bc692e6e0d82ed4b52b18b2ca4
- SSDEEP
  
  3072:xCJ1iBaj5wD0fMW/RMpNw1mE48BzY15Q5IKcgWwnfuwQ+N:xsB/5Mp6IP8BzY15bKkwWwvN
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2