xloader | b9c4bcfffcbd5d4796f1565e8f2c8bb667720d0dc27788bfba632d3b564808e3

General

Target

b9c4bcfffcbd5d4796f1565e8f2c8bb667720d0dc27788bfba632d3b564808e3
Size

164KB
Sample

241121-y9wvbs1qbp
MD5

21173d8394661823abf705061f2c1ec0
SHA1

3f98543167027b8b885785f9ec796c9552c1a954
SHA256

b9c4bcfffcbd5d4796f1565e8f2c8bb667720d0dc27788bfba632d3b564808e3
SHA512

93d18cb09e2255dd05c5219d9a04f8295449e29673263ab654733b28ce570e35b9ab4e03e80ab05d6a3cdff22adcfc92743965fb8f46b21f3ce19fbaed00ee5d
SSDEEP

3072:nepBM2zQwbKAupGCeOtaNkmmllhd6ToOAkCsR2D34f6EHNB:nwQzfpGrqaNkmmlZ6ToOAfsRYSN

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

dibu

Decoy

goodbridging.net

niraprotect.net

dhroad.com

gluenstack.com

atozroofingrepairs.com

slagsnmnd.quest

free020.com

125e13th1108.info

regittracker.com

inbo-usa.com

zepsucsenior.quest

dsyai.club

efelerarea.com

villa-joki.com

metalmask.icu

autorainfiltre.com

yasbeyondcollagen.com

sheetpilinquk.com

kitvirtualger.com

jeremy123.com

Targets

- Target
  
  b9c4bcfffcbd5d4796f1565e8f2c8bb667720d0dc27788bfba632d3b564808e3
- Size
  
  164KB
- MD5
  
  21173d8394661823abf705061f2c1ec0
- SHA1
  
  3f98543167027b8b885785f9ec796c9552c1a954
- SHA256
  
  b9c4bcfffcbd5d4796f1565e8f2c8bb667720d0dc27788bfba632d3b564808e3
- SHA512
  
  93d18cb09e2255dd05c5219d9a04f8295449e29673263ab654733b28ce570e35b9ab4e03e80ab05d6a3cdff22adcfc92743965fb8f46b21f3ce19fbaed00ee5d
- SSDEEP
  
  3072:nepBM2zQwbKAupGCeOtaNkmmllhd6ToOAkCsR2D34f6EHNB:nwQzfpGrqaNkmmlZ6ToOAfsRYSN
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2