General

  • Target

    f89a477dfb7524fbf8f8e2826d701bd9760ccfa53ada19fa33ec6da2a2ef6707

  • Size

    164KB

  • MD5

    ffdce53804114c8dcf2cf7ed0fd67db3

  • SHA1

    7072601bb01032402fd7428414cafa314825b17a

  • SHA256

    f89a477dfb7524fbf8f8e2826d701bd9760ccfa53ada19fa33ec6da2a2ef6707

  • SHA512

    d86907f29a832d34af058a2319b43447de8f6e8751eac34d6615d30426709edfccaf4782399a13ea6a29cb26a9d29a5a92eeef41c69bd716a367aa42c4276fd6

  • SSDEEP

    3072:pJJQEjuLsu25lGUwM9y7KwXyWNNIyDJ9avpboyMLySx3nC:p07ZlM9aXXy2NPTavl093n

Score
10/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

u2po

Decoy

Signatures

  • Xloader family
  • Xloader payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f89a477dfb7524fbf8f8e2826d701bd9760ccfa53ada19fa33ec6da2a2ef6707
    .exe windows:5 windows x86 arch:x86

