xloader | 4120bf826ec0e18ebc746e256c8b07098af2852ef88687615e6ebcaeb767a074 | Triage

Sharing

General

Target

4120bf826ec0e18ebc746e256c8b07098af2852ef88687615e6ebcaeb767a074
Size

674KB
Sample

241121-y93ymsxkd1
MD5

c196de9ebcd02296afd7a3d12409d17f
SHA1

f1b49dee5ca9b3aa34ade5cca11a131f0b6fb63b
SHA256

4120bf826ec0e18ebc746e256c8b07098af2852ef88687615e6ebcaeb767a074
SHA512

f027a9ac8b898f3c7bc1ccbed9c50b4f6ef7cfd61d92d3fcd1e30f658bae600956e3a0422e30500c20d41c86aa1b9354fb2a513d5057304342298002832e5dfe
SSDEEP

12288:Q2YbQpSikT2LMGUxEG+9Y9bop6U8yMLspyMm1gs8FVc:Q2Pp6YM5+9Y90Qyxfmys4Vc

Score

10^/10

xloader rnn4 discovery loader rat

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

rnn4

Decoy

saruroman.com

backendfurnitureconsulting.com

invitadito.com

aqemelearning.com

unitedphonerepair.com

xn--l6qt3dk7equidt4a.net

us-pride-day.com

refund.homes

gilanfarrconstruction.com

856380691.xyz

aerolabqhd.com

collective36.com

binhminhxanh.club

droogskateboards.com

thinkbest11.com

realisticallywritten.com

elderlyjustification.com

betteraff.net

freeworkpays.com

callistatease.com

Targets

- Target
  
  New Order062421.bin
- Size
  
  773KB
- MD5
  
  ec64c996d1f3cf242cc9868682953cb9
- SHA1
  
  efcfba0d2909717c223f648f99f7267626aa181c
- SHA256
  
  872d03fd7d4748230a0e84593f7a29c36f70a5c711ed4a4dc2c11a9d9774d06a
- SHA512
  
  80bc57f702810576b236033fcd46d210d0c5027a197a377384c9acc841e7d83b943051635adf56e856ba17370254b0485e87c7f3be2c89f1ec8e13ce60057bb1
- SSDEEP
  
  12288:wjg0JZaF75GF2ezGWSE5D1kIpNJxZ33IBSR+EAD3xDYTyJFIzeLBsvYJbUBQ+138:1bvhEp1OB2M5YTyJmKlsv2a5Cb
Score

10^/10

xloader rnn4 discovery loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader family
  xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xloaderrnn4discoveryloaderrat

behavioral2

xloaderrnn4discoveryloaderrat