xloader | e8fd1fe417b0cb9377670fb2b9ba71fef92ff54aa6a2abbf1b8a829c3f639639

General

Target

e8fd1fe417b0cb9377670fb2b9ba71fef92ff54aa6a2abbf1b8a829c3f639639
Size

164KB
Sample

241121-yrt8sawmaz
MD5

695967dc3655479079d0cd1b9face3ba
SHA1

b2ad06614fb66d7f0d60166b56f37c9cb4bc218c
SHA256

e8fd1fe417b0cb9377670fb2b9ba71fef92ff54aa6a2abbf1b8a829c3f639639
SHA512

7e02aaf4624a84ca6c811cab9f0e8ca18a9465593236bcf82e60297718c8d97acdcd248f111f859d08f08fa89a03f187bf224d6ea2ab30e04e62dcf4be8bb020
SSDEEP

3072:RJBQ2537tj/IMSoHanSor9eYzcLs22D1tyq3l:9JpgMSEQSor9eYz122H1

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

fnn4

Decoy

printallcity.com

fabrika-zdorovya.online

hangwithx.net

huibao5.com

atlantahousingsolutions.com

gamusemenu.com

centroculturaltranscendere.com

findaneasyjob.com

linguimatics.com

acaadjkhdakjkdh.space

512mulching.com

steelseries.biz

esgnotifier.com

ruitavares.com

dwx36.com

achievingrecoverytogether.com

stablebot.tech

iranianroom.com

lapp1.com

philadelphialaws.com

Targets

- Target
  
  e8fd1fe417b0cb9377670fb2b9ba71fef92ff54aa6a2abbf1b8a829c3f639639
- Size
  
  164KB
- MD5
  
  695967dc3655479079d0cd1b9face3ba
- SHA1
  
  b2ad06614fb66d7f0d60166b56f37c9cb4bc218c
- SHA256
  
  e8fd1fe417b0cb9377670fb2b9ba71fef92ff54aa6a2abbf1b8a829c3f639639
- SHA512
  
  7e02aaf4624a84ca6c811cab9f0e8ca18a9465593236bcf82e60297718c8d97acdcd248f111f859d08f08fa89a03f187bf224d6ea2ab30e04e62dcf4be8bb020
- SSDEEP
  
  3072:RJBQ2537tj/IMSoHanSor9eYzcLs22D1tyq3l:9JpgMSEQSor9eYz122H1
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2