Overview

overview

10

Static

static

10

0f919d5b56...3b.exe

windows7-x64

1

0f919d5b56...3b.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0f919d5b569e123a8350089351e8c1a65a11a05c48446c346f21540b9ed79a3b

  • Size

    164KB

  • Sample

    241121-y6x8zsxjcs

  • MD5

    ba6ae3760525a619b08d01017feb00f9

  • SHA1

    1ab8c3672ab8a5fd449b74b9bd9b617d72cb16d0

  • SHA256

    0f919d5b569e123a8350089351e8c1a65a11a05c48446c346f21540b9ed79a3b

  • SHA512

    a750897031f7095f313fb861d86335f2f5de5959c860bd510e04207e101c8c5f3a3c56d507801697e16c7a492cc5bffb464d68ec9f670d161daab7d51adc9a94

  • SSDEEP

    3072:+1JN+etj78iutlfvKMldZQdci9vSn/z+yujKg9P2RXn0M:+1AnyMlbQL9KnbrWKKP2Fn0

Score
10/10
xloaderwdc8discoveryrat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

wdc8

Decoy

mygotomaid.com

joyoushealthandwellnessspa.com

wefundprojects.com

magicbasketbourse.net

vitos3.xyz

oligopoly.city

beauty-bihada.asia

visitnewrichmond.com

crgeniusworld.biz

bantasis.com

transsexual.pro

casagraph.com

eastjamrecords.com

howtotrainyourmustache.com

heiappropriate.xyz

bataperu.com

ces341.com

prajahitha.com

manuelagattegger.com

wolfpackmotorcycletours.com

Targets

    • Target

      0f919d5b569e123a8350089351e8c1a65a11a05c48446c346f21540b9ed79a3b

    • Size

      164KB

    • MD5

      ba6ae3760525a619b08d01017feb00f9

    • SHA1

      1ab8c3672ab8a5fd449b74b9bd9b617d72cb16d0

    • SHA256

      0f919d5b569e123a8350089351e8c1a65a11a05c48446c346f21540b9ed79a3b

    • SHA512

      a750897031f7095f313fb861d86335f2f5de5959c860bd510e04207e101c8c5f3a3c56d507801697e16c7a492cc5bffb464d68ec9f670d161daab7d51adc9a94

    • SSDEEP

      3072:+1JN+etj78iutlfvKMldZQdci9vSn/z+yujKg9P2RXn0M:+1AnyMlbQL9KnbrWKKP2Fn0

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks