General

  • Target

    b65f92184eaa879d02d6b4033d26c472a29f0eb6a20942adf900fca67bf33050

  • Size

    168KB

  • MD5

    6589ba481e893634f4f12a26fa6095c9

  • SHA1

    cd094c5a406b8965315fe8151f9ec591a0e87b06

  • SHA256

    b65f92184eaa879d02d6b4033d26c472a29f0eb6a20942adf900fca67bf33050

  • SHA512

    d668546c3446b0c191764802f5483cfdec1689085065079453e89f16aa44fcbb5e2c1eb44f85913277d747b1c3f44adaa6dcfa35367751f50f000c4afbfb897c

  • SSDEEP

    3072:8yJQYOjI3LVgtuMWiMqnhO7v52tZkcMemyo1e2nfho64i:8ZIYpMqn07h2tZkbGoDfLj

Score
10/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

p4sm

Decoy

sdlfhkjds.com

artplay.xyz

companyintel.tools

upyourstatus.store

hale-houkan.net

ktth770am.com

mymaidprofile.com

pyrmontwealth.com

vulcanopresale.icu

stepaheadboutique.com

fendoremi.com

amazemedeals.com

comunidadsgi.com

aedifice.group

samsamfb.com

onlinegiftcards.xyz

idodevice.com

itsme-i.xyz

snthm.com

scanourcan.com
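The decoy list above is the usual way this config gets operationalised: as a DNS watchlist. Two things to get right when doing that are suffix matching (the infected host may query a subdomain of a listed name, and a name that merely ends in the same letters, such as "notsnthm.com" against "snthm.com", must not match) and normalisation of case and the trailing dot. The following Python is an added example, not part of this report or of the sandbox's own tooling; the log lines are constructed here in BIND query-log format, which is an assumption, and the hosts, timestamps and resolver address are made up. Note also that xloader contacts these domains partly to blend in, so a single hit on one of them is an investigation lead rather than proof of infection on its own.

```python
import re

# Decoy domains as listed in the extracted xloader 2.5 / p4sm config on this page.
DECOY_DOMAINS = [
    "sdlfhkjds.com", "artplay.xyz", "companyintel.tools", "upyourstatus.store",
    "hale-houkan.net", "ktth770am.com", "mymaidprofile.com", "pyrmontwealth.com",
    "vulcanopresale.icu", "stepaheadboutique.com", "fendoremi.com", "amazemedeals.com",
    "comunidadsgi.com", "aedifice.group", "samsamfb.com", "onlinegiftcards.xyz",
    "idodevice.com", "itsme-i.xyz", "snthm.com", "scanourcan.com",
]

# Constructed sample log (BIND-style query log is an assumption; hosts and times are made up).
SAMPLE_DNS_LOG = """\
12-Jan-2022 10:01:02.123 client 10.0.0.15#51234: query: www.microsoft.com IN A + (10.0.0.2)
12-Jan-2022 10:01:03.456 client 10.0.0.15#51235: query: artplay.xyz IN A + (10.0.0.2)
12-Jan-2022 10:01:04.789 client 10.0.0.22#40001: query: www.hale-houkan.net IN A + (10.0.0.2)
12-Jan-2022 10:01:05.001 client 10.0.0.22#40002: query: notsnthm.com IN A + (10.0.0.2)
12-Jan-2022 10:01:06.002 client 10.0.0.31#40003: query: SCANOURCAN.COM. IN A + (10.0.0.2)
"""

# Pulls the client address, queried name and query type out of one BIND query-log line.
QUERY_RE = re.compile(
    r"client (?P<client>\d+\.\d+\.\d+\.\d+)#\d+: query: (?P<qname>\S+) IN (?P<qtype>\S+)"
)


def normalize(name: str) -> str:
    """Lower-case the name and drop a trailing root dot so comparisons are exact."""
    return name.lower().rstrip(".")


def matches_watchlist(qname: str, watchlist):
    """Return the watchlist entry that qname equals or is a subdomain of, else None.
    The "." + domain suffix test is what stops notsnthm.com matching snthm.com."""
    q = normalize(qname)
    for domain in watchlist:
        d = normalize(domain)
        if q == d or q.endswith("." + d):
            return d
    return None


def scan_dns_log(log_text: str, watchlist=DECOY_DOMAINS):
    """Return (client, queried_name, matched_domain) for every query that hits the watchlist."""
    hits = []
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m:
            continue  # not a query line; skip rather than guess
        matched = matches_watchlist(m["qname"], watchlist)
        if matched:
            hits.append((m["client"], normalize(m["qname"]), matched))
    return hits


if __name__ == "__main__":
    for client, qname, domain in scan_dns_log(SAMPLE_DNS_LOG):
        print(f"{client} queried {qname} (watchlist entry: {domain})")
```

On the constructed log this flags three queries from two hosts and ignores the www.microsoft.com and notsnthm.com lines. To run it over a real resolver log, replace SAMPLE_DNS_LOG with the file contents; the regex only needs adjusting if your resolver logs in a different format.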

Signatures

  • Xloader family
  • Xloader payload 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.
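The "Unsigned PE" signature is a presence check on the PE certificate table (data directory entry 4, IMAGE_DIRECTORY_ENTRY_SECURITY). The Python below is an added example of reproducing that check, not the sandbox's own rule and not code from this report; it parses the headers with struct only, so it runs without pefile. The PE image it builds is constructed inline for the test and is not the 168KB xloader sample hashed above. The caveat a practitioner should keep in mind: an empty directory proves the file is unsigned, but a populated one only proves a signature blob is attached; whether it verifies and who signed it are separate questions this check does not answer.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # index of the certificate table in the data directories
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # wCertificateType used by Authenticode


def authenticode_directory(data: bytes):
    """Return (file_offset, size) of the certificate table, or None when the PE
    carries no security directory. Raises ValueError for non-PE input."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, directories start at +96
        nrva_off, dir_base = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: NumberOfRvaAndSizes at +108, directories start at +112
        nrva_off, dir_base = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_dirs = struct.unpack_from("<I", data, nrva_off)[0]
    entry = dir_base + IMAGE_DIRECTORY_ENTRY_SECURITY * 8
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_of_optional:
        return None  # header too short to even hold a security directory
    # Unlike the other directories, this entry's first field is a raw file offset, not an RVA.
    offset, size = struct.unpack_from("<II", data, entry)
    if offset == 0 or size == 0:
        return None
    return offset, size


def is_unsigned_pe(data: bytes) -> bool:
    """The sandbox's 'Unsigned PE' condition: no certificate table at all."""
    return authenticode_directory(data) is None


def certificate_types(data: bytes):
    """Walk the WIN_CERTIFICATE entries and return their wCertificateType values.
    Presence only: nothing here verifies the PKCS#7 blob or the signer chain."""
    found = authenticode_directory(data)
    if found is None:
        return []
    offset, size = found
    end = min(offset + size, len(data))  # never read past the end of the file
    types = []
    while offset + 8 <= end:
        length, _revision, cert_type = struct.unpack_from("<IHH", data, offset)
        if length < 8:
            break  # malformed entry; stop rather than loop forever
        types.append(cert_type)
        offset += (length + 7) & ~7  # entries are padded to 8-byte boundaries
    return types


def build_minimal_pe32(security_offset: int = 0, security_size: int = 0) -> bytes:
    """Constructed test image (not a real binary): DOS stub, PE32 headers with 16
    data directories, and optionally a dummy WIN_CERTIFICATE at security_offset."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine=i386, 0 sections, SizeOfOptionalHeader=224 (96 + 16 directories * 8), EXE flags.
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = struct.pack("<H", 0x10B) + b"\x00" * 90 + struct.pack("<I", 16)
    dirs = b"".join(
        struct.pack("<II", security_offset, security_size) if i == IMAGE_DIRECTORY_ENTRY_SECURITY
        else struct.pack("<II", 0, 0)
        for i in range(16)
    )
    body = dos + b"PE\0\0" + coff + opt + dirs
    if security_size:
        body += b"\x00" * (security_offset - len(body))
        body += struct.pack("<IHH", security_size, 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA)
        body += b"\x00" * (security_size - 8)  # stand-in for the PKCS#7 SignedData
    return body


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    blob = open(path, "rb").read() if path else build_minimal_pe32()
    print("unsigned" if is_unsigned_pe(blob) else "certificate types: %r" % certificate_types(blob))
```

Run it with a path to print whether that file has a certificate table; with no argument it checks the constructed unsigned image. For a verdict on validity rather than presence, hand the file to a real verifier (signtool or osslsigncode) after this check reports a table.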

Files

  • b65f92184eaa879d02d6b4033d26c472a29f0eb6a20942adf900fca67bf33050
    .exe windows:5 windows x86 arch:x86

