xloader | c1b774df66a8a94a2e51867074792bd4abbb09da0f641de4fb354d891f8ab4dd

General

Target

c1b774df66a8a94a2e51867074792bd4abbb09da0f641de4fb354d891f8ab4dd
Size

164KB
Sample

241121-ynsksazqar
MD5

e6399ca8f2fec3a1c80c4e24d1db0fe9
SHA1

32f586e3d8bdb3cd909714f56a92176642cf5917
SHA256

c1b774df66a8a94a2e51867074792bd4abbb09da0f641de4fb354d891f8ab4dd
SHA512

a1965ff230d2b6b39f1a1ad82fe2a3466fb81a0353571657f41182c55587d453b96ae5be22a39b9f42032846530d66157a5a18172eea008b8eedff166543715f
SSDEEP

3072:M9Rpbk2UI8x3SLDMIC6YC9otELAWU0fL+P5wNuv0Lf:M9XlOinMI//9otELAWUyWC

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

k8yh

Decoy

lift2.cloud

tradeplay.net

familyattorneybg.com

accurbizlist.com

xrcasino.online

walletwriter.space

tiendasbioaseo.com

mrcandywholesale.com

multicoopltda.com

buylebsack.com

pilatesvilanova.com

fendoremi.com

vmfband.com

hrtaro.com

todosartenes.net

glusanka.info

dusa.codes

cfcfcs.xyz

ecostarsenergy.com

tokenbooze.com

Targets

- Target
  
  c1b774df66a8a94a2e51867074792bd4abbb09da0f641de4fb354d891f8ab4dd
- Size
  
  164KB
- MD5
  
  e6399ca8f2fec3a1c80c4e24d1db0fe9
- SHA1
  
  32f586e3d8bdb3cd909714f56a92176642cf5917
- SHA256
  
  c1b774df66a8a94a2e51867074792bd4abbb09da0f641de4fb354d891f8ab4dd
- SHA512
  
  a1965ff230d2b6b39f1a1ad82fe2a3466fb81a0353571657f41182c55587d453b96ae5be22a39b9f42032846530d66157a5a18172eea008b8eedff166543715f
- SSDEEP
  
  3072:M9Rpbk2UI8x3SLDMIC6YC9otELAWU0fL+P5wNuv0Lf:M9XlOinMI//9otELAWUyWC
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2