xloader | 99d2fb746a87f63249f16a6234cb0d2b77e5f11cc504b0e33ab722a97250f455

General

Target

99d2fb746a87f63249f16a6234cb0d2b77e5f11cc504b0e33ab722a97250f455
Size

176KB
MD5

c5b5c8e5db62122dd807d436b3183e21
SHA1

d4d7a376f0711c75ffe8d5a61b57afff76b08c9d
SHA256

99d2fb746a87f63249f16a6234cb0d2b77e5f11cc504b0e33ab722a97250f455
SHA512

d3684614a0e3a2c7ab20377f2735a9974c39aa3e16b8c3b9f0ed720cf67a9942470e7624f01167a06cf61b3987e33bb887520527f8e050381a7a7bd806a95b8c
SSDEEP

3072:5ZbTC+ouNlcjm1NRVosWIMs/EUbhGjDwZPxZVBW/9/3K5pBbpyXTL/:5Zqu/5RVoPs/QX+PxZy/9iHbyj

Score

10^/10

rat edru xloader

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

edru

Decoy

yuiksd.zone

jewishkindergarten.com

zigezia.store

voltagehyatt.com

puy-0pyvu4.xyz

pakwarriors.com

ieltsjunior.com

lyrfgtr.xyz

damacmetaverse.xyz

tlpo-dhoao4.xyz

healthprofessional.xyz

dnfdtrckngg.com

farmgirlcooking.com

moneyincomebd.com

gardxglobal.com

futureinvest.space

veaqee.xyz

asanlove.com

suleymaniyecami.com

xiua.xyz

Signatures

Xloader family
xloader

Xloader payload 1 IoCs

rat

resource	yara_rule
sample	xloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99d2fb746a87f63249f16a6234cb0d2b77e5f11cc504b0e33ab722a97250f455

Files

99d2fb746a87f63249f16a6234cb0d2b77e5f11cc504b0e33ab722a97250f455
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 167KB - Virtual size: 166KB

.rsrc Size: 1024B - Virtual size: 960B

.text
Size: 167KB - Virtual size: 166KB

.rsrc
Size: 1024B - Virtual size: 960B