xloader | cb418b01855ba09edc79d3d6d5924840bdac7de04b4389a4b8e7593da8e267df

General

Target

cb418b01855ba09edc79d3d6d5924840bdac7de04b4389a4b8e7593da8e267df
Size

164KB
Sample

241121-yr9cpswmcs
MD5

843c4d33a44a33ee2dc5bde67f9d64fc
SHA1

84fb411129392de59dae720164e3132b3ffe295c
SHA256

cb418b01855ba09edc79d3d6d5924840bdac7de04b4389a4b8e7593da8e267df
SHA512

b5e2899179f03fc400493390420c1acd5c6ccf058cd59844295c104575109454f5bfdbd83787a5392d76ce910e15d0cf6d02a9b18bd8139e7f09169a17186ad2
SSDEEP

3072:5tpLa2uSwOpTaZEMb1JjcvtyQL8IP3neR5m1DW/:5LCWaOMbbovtyQLJ/efm0

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

6gom

Decoy

formcanary.com

limodaperu.com

iyczf.com

official-dyson.online

photographerencouragepound.xyz

kunhenghuanbao.com

sebslashes.com

xra271sgr.xyz

armorsealonline.com

analyzeatscyi.online

tonghetaiye.com

95r67a.com

phishdissection.com

atef-artgallery.com

polkadotskull.com

sabbietrends.com

lasagaandco.com

funft.xyz

auctionerp.com

travelapps.pro

Targets

- Target
  
  cb418b01855ba09edc79d3d6d5924840bdac7de04b4389a4b8e7593da8e267df
- Size
  
  164KB
- MD5
  
  843c4d33a44a33ee2dc5bde67f9d64fc
- SHA1
  
  84fb411129392de59dae720164e3132b3ffe295c
- SHA256
  
  cb418b01855ba09edc79d3d6d5924840bdac7de04b4389a4b8e7593da8e267df
- SHA512
  
  b5e2899179f03fc400493390420c1acd5c6ccf058cd59844295c104575109454f5bfdbd83787a5392d76ce910e15d0cf6d02a9b18bd8139e7f09169a17186ad2
- SSDEEP
  
  3072:5tpLa2uSwOpTaZEMb1JjcvtyQL8IP3neR5m1DW/:5LCWaOMbbovtyQLJ/efm0
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2