xloader | 28aae91cc21aafe51af460bba52c62af9103e8a8c812fb68f55e81c3800e1937

General

Target

28aae91cc21aafe51af460bba52c62af9103e8a8c812fb68f55e81c3800e1937
Size

164KB
Sample

241121-ykymmaznhq
MD5

c217ddbb3ac58ccd4c273b99901ccb8f
SHA1

ad6e078504fd1f41d911e79e35dbafbbd215e5a0
SHA256

28aae91cc21aafe51af460bba52c62af9103e8a8c812fb68f55e81c3800e1937
SHA512

59069a6ebd227dc02c3871704c84a3fcc52b537df5bfa94e14d032212eeac1b60a370ad61f1b7b97ae8bc77c280c0c756b6e4ea28b5987362275282eace46f25
SSDEEP

3072:JJsl2j4X3+mLU/MEWjFrSYtTcaNTx8s6+WJk5e:YdfWMEmoYtTcaFx8sJWJ

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

mexq

Decoy

cyebang.com

hcswwsz.com

50003008.com

yfly624.xyz

trungtamhohap.xyz

sotlbb.com

bizhan69.com

brandmty.net

fucibou.xyz

orderinformantmailer.store

nobleminers.com

divinevoid.com

quickappraisal.net

adventuretravelsworld.com

ashainitiativemp.com

ikkbs-a02.com

rd26x.com

goraeda.com

abbastanza.info

andypartridge.photography

Targets

- Target
  
  28aae91cc21aafe51af460bba52c62af9103e8a8c812fb68f55e81c3800e1937
- Size
  
  164KB
- MD5
  
  c217ddbb3ac58ccd4c273b99901ccb8f
- SHA1
  
  ad6e078504fd1f41d911e79e35dbafbbd215e5a0
- SHA256
  
  28aae91cc21aafe51af460bba52c62af9103e8a8c812fb68f55e81c3800e1937
- SHA512
  
  59069a6ebd227dc02c3871704c84a3fcc52b537df5bfa94e14d032212eeac1b60a370ad61f1b7b97ae8bc77c280c0c756b6e4ea28b5987362275282eace46f25
- SSDEEP
  
  3072:JJsl2j4X3+mLU/MEWjFrSYtTcaNTx8s6+WJk5e:YdfWMEmoYtTcaFx8sJWJ
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2