xloader | 52ca02e9f8bc5f3029ad61ae65de37b3bd4156124730f732a0ebd1d2828f898f | Triage

Sharing

General

Target

52ca02e9f8bc5f3029ad61ae65de37b3bd4156124730f732a0ebd1d2828f898f
Size

399KB
Sample

241121-yqn1dazqhp
MD5

cab5a87228b1ed6ad6c23c65b6fa137f
SHA1

b6976ff4775da2e0f1b52fea56a59a938bccdf2d
SHA256

52ca02e9f8bc5f3029ad61ae65de37b3bd4156124730f732a0ebd1d2828f898f
SHA512

adb250a03a345f8ecda67fd1f2d54fed80eb99bfa87c8cd5cba5fb1b64b05218d1ba2c089549878f4b2a3cf66b405dc23873355e087f3751d6308d526c54992f
SSDEEP

12288:ZtrnVPoar1RcU3+Uf87iiyDX++7ZtlDsJma28JQP:TmqtF87zyDu+lncmgJW

Score

10^/10

xloader m3ci discovery loader rat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

m3ci

Decoy

424964.com

ocean-breath-retreat.com

icidedansdehors.art

wrochtthurl.quest

6455gfg.top

dgfipmailservice.online

banjofarmenica.com

dkcazin.com

jobs-fp.com

karens-kornerr.com

parmaesq.com

nuevochile.net

inputsquad.com

consultacedula-sep.digital

taogoubao.net

gimmesolar.com

bluelacedefense.com

grandagent.club

warqatalzawaj.com

getvirbelanow.com

Targets

- Target
  
  30ecbf4099805c165a5b658b5e38437981eb2b8ce0b6b8939864ed68bed8c067
- Size
  
  491KB
- MD5
  
  38ceab9fa00f14db5b001bf1cdaa6f47
- SHA1
  
  9831dd267b5f5c5fbd79b9505f3ce6d13c65871e
- SHA256
  
  30ecbf4099805c165a5b658b5e38437981eb2b8ce0b6b8939864ed68bed8c067
- SHA512
  
  4a7a974da627ba3792e25b4f1d9a41a7eb32935b284254456da451b6c81a68505d867d93c08b86d978695bd73fc36337763c034dd54a7bde29a4a589611a0550
- SSDEEP
  
  12288:hX7DTteAIWWPaV47XuUcps+RR4hvLqdlRL3FpRbg3cMoJrxo:NrteA7D3ps/cm
Score

10^/10

xloader m3ci discovery loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader family
  xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xloaderm3cidiscoveryloaderrat

behavioral2

xloaderm3cidiscoveryloaderrat