xloader | 7fa42dba9779e4864af803ed827272567371ad6d819b558391a244eeca05c5b8

General

Target

7fa42dba9779e4864af803ed827272567371ad6d819b558391a244eeca05c5b8
Size

164KB
Sample

241121-ysjtfawmcy
MD5

8e781b89e0219fea06205b931b7cb9b6
SHA1

76911edc640716aa42e33af2a7cc8106d5ef7027
SHA256

7fa42dba9779e4864af803ed827272567371ad6d819b558391a244eeca05c5b8
SHA512

1ee3eddb6d3ab7d1e8c06c780d814ca0cf6ae59d636204d132775467b7ca0fddb2ccfdc73228070682aa8a2d3633c8a9d175f5a9fe1983f1f7737a39eb91fa71
SSDEEP

3072:mJY9j19PGbpAYvxpSiMkgis0P2Xa0V+lN4FuLXyj1lm:FyDZpSXk40P2Xa0WN4ULXy

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

e3rs

Decoy

padisarealtygroup.com

sagedermatology.com

drlonnrobertson.com

carlesabadtent.com

sophisticatedsignings.com

xn--laufgefhl-w9a.com

sutnsdmxq.icu

atasteofcal.com

ocvcoins.com

trakauto.quest

l2plusleft.com

in-cruise.online

ybappdl.com

county7.com

tenlog020.xyz

eventsweekend.net

zxzxmail.com

65backyard.com

sunnycraftsman.com

sailorswife.online

Targets

- Target
  
  7fa42dba9779e4864af803ed827272567371ad6d819b558391a244eeca05c5b8
- Size
  
  164KB
- MD5
  
  8e781b89e0219fea06205b931b7cb9b6
- SHA1
  
  76911edc640716aa42e33af2a7cc8106d5ef7027
- SHA256
  
  7fa42dba9779e4864af803ed827272567371ad6d819b558391a244eeca05c5b8
- SHA512
  
  1ee3eddb6d3ab7d1e8c06c780d814ca0cf6ae59d636204d132775467b7ca0fddb2ccfdc73228070682aa8a2d3633c8a9d175f5a9fe1983f1f7737a39eb91fa71
- SSDEEP
  
  3072:mJY9j19PGbpAYvxpSiMkgis0P2Xa0V+lN4FuLXyj1lm:FyDZpSXk40P2Xa0WN4ULXy
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2