xloader | 76c26d7e1b8e4ae914d3a870d540727bb5ea195777e0d77ee3d83340cfba8082 | Triage

Sharing

General

Target

76c26d7e1b8e4ae914d3a870d540727bb5ea195777e0d77ee3d83340cfba8082
Size

553KB
Sample

241121-yrdk2awlhz
MD5

f0e2e2f1b050d40de2542233122fb342
SHA1

4d48c28ae85b38e1013e44e26c684646ac6234bd
SHA256

76c26d7e1b8e4ae914d3a870d540727bb5ea195777e0d77ee3d83340cfba8082
SHA512

9cd56c017641597023d58a48212e412a86ef552a70810c9ef474dd26cf53cd46cc269e4d9f4259343fa8b8aeda845e09bcff7833c71187c7ebd72d6d030e96dd
SSDEEP

12288:7tfKzOVZdh6MwFYMcw6vpPbRCITh8CnDtlnPclxMV3rM6Dbz1wt1:7tyYZL63bcw6vpPbRfx0lxwbMEf+1

Score

10^/10

xloader e6wb discovery loader rat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

e6wb

Decoy

assetto.tech

surendramishra.com

bravohealthyskin.com

ipadzones.com

odmitatrends.quest

yfly633.xyz

firstwavegallery.com

moviedmine.com

hdcenergy.com

elbarcotechnology.com

sns-regionv.com

helmiaj.com

asgmedicalservice.store

siraestilistas.com

vbux.xyz

learnstarting.com

oceanmap.store

fullyloadedfiresticks.com

bingojx.com

airelibrerevista.com

Targets

- Target
  
  M7SkDQIpuSpt4KR.exe
- Size
  
  690KB
- MD5
  
  2667b7eff8a62d63f951fcb39018a0d3
- SHA1
  
  76565ed25b4032ae6624ae665651dbc0b87cb591
- SHA256
  
  1fb328a56a2d1a4a30e135a597bf06565d1158e93983622ed6f35af046e66d09
- SHA512
  
  6789fbb7873fb28d87ec8fe3c6247cd6d8992b1cfde94f828b08f76c60f19de8cd1f0402822ce2e00568d03013ce985bdbf46cee4a3c22f1b2913bc581592a12
- SSDEEP
  
  12288:JBzcmhiTtohcWTShZupbhIRebp1SJJoGF+AHO8JY3D/ixBFmRq:JBomhiZJW4MvIR+1+CXd8Jsi1Wq
Score

10^/10

xloader e6wb discovery loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader family
  xloader
- Xloader payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xloadere6wbdiscoveryloaderrat

behavioral2

xloadere6wbdiscoveryloaderrat