xloader | 2689188c95daea0638c99aa09223f44a90e2e7f2e8b77b30f6f4b35cd2e212eb

General

Target

2689188c95daea0638c99aa09223f44a90e2e7f2e8b77b30f6f4b35cd2e212eb
Size

164KB
Sample

241121-yrhvrawmat
MD5

6810355238b534afce0919a60f0b1d30
SHA1

035cf515758ca6a382454d3f4a5c9f6c7e7abaf2
SHA256

2689188c95daea0638c99aa09223f44a90e2e7f2e8b77b30f6f4b35cd2e212eb
SHA512

fadb2e291395dc3c159b05db16238666ee6a6e444674d3ff4cda13890c0577375644a4f3b189f042869d1c9c758e2c4f358ed3a7b711db82e0eb1b4bcb687c01
SSDEEP

3072:DyJQYOjI3LVgtuMWiMqnhO7v52tZkcMemyo1e2nfho64i:DZIYpMqn07h2tZkbGoDfLj

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

p4sm

Decoy

sdlfhkjds.com

artplay.xyz

companyintel.tools

upyourstatus.store

hale-houkan.net

ktth770am.com

mymaidprofile.com

pyrmontwealth.com

vulcanopresale.icu

stepaheadboutique.com

fendoremi.com

amazemedeals.com

comunidadsgi.com

aedifice.group

samsamfb.com

onlinegiftcards.xyz

idodevice.com

itsme-i.xyz

snthm.com

scanourcan.com

Targets

- Target
  
  2689188c95daea0638c99aa09223f44a90e2e7f2e8b77b30f6f4b35cd2e212eb
- Size
  
  164KB
- MD5
  
  6810355238b534afce0919a60f0b1d30
- SHA1
  
  035cf515758ca6a382454d3f4a5c9f6c7e7abaf2
- SHA256
  
  2689188c95daea0638c99aa09223f44a90e2e7f2e8b77b30f6f4b35cd2e212eb
- SHA512
  
  fadb2e291395dc3c159b05db16238666ee6a6e444674d3ff4cda13890c0577375644a4f3b189f042869d1c9c758e2c4f358ed3a7b711db82e0eb1b4bcb687c01
- SSDEEP
  
  3072:DyJQYOjI3LVgtuMWiMqnhO7v52tZkcMemyo1e2nfho64i:DZIYpMqn07h2tZkbGoDfLj
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2