xloader | 7edd00048ddf8d25b827812805f7e7f4d3a9a5508a1693d28c5e6d5b701c02f4

General

Target

7edd00048ddf8d25b827812805f7e7f4d3a9a5508a1693d28c5e6d5b701c02f4
Size

172KB
Sample

241121-yvdefawnay
MD5

1a17462b5ac64feb0ef293044b89e7c2
SHA1

00baf0edd715a9f67cbe69ddcbd53ed7472f5b08
SHA256

7edd00048ddf8d25b827812805f7e7f4d3a9a5508a1693d28c5e6d5b701c02f4
SHA512

af30430f3cd2f13f1952c9f71dca5114024c93f2dcc01a10cd94be95ad240d0e483d1509b4746243c13a57079954d6326eaa475e8b9dc415d22a8178a963e54d
SSDEEP

3072:E1k8zmYVB4pT3tosWlHs5QULdGSNXLpHiRwPbmoz75xENLeX3:E1V4noLs5EmXLpHiuPbmo35xsL

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.6

Campaign

uu0p

Decoy

easeupp.com

ffffcc.xyz

commercialsymposium.com

bahamascargologistics.com

avajwelr.xyz

flipwatch.xyz

serprobumar.com

zlasher.store

zxlsn6.com

xiaojiaowanwan.com

hrkpacking.com

visitprnow.com

stkjzz.com

printfusion.net

blackoakssavannah.com

yuiseika.com

watnefarms.com

oneclickmsp.com

niu-tou.com

wholytraffic.com

Targets

- Target
  
  7edd00048ddf8d25b827812805f7e7f4d3a9a5508a1693d28c5e6d5b701c02f4
- Size
  
  172KB
- MD5
  
  1a17462b5ac64feb0ef293044b89e7c2
- SHA1
  
  00baf0edd715a9f67cbe69ddcbd53ed7472f5b08
- SHA256
  
  7edd00048ddf8d25b827812805f7e7f4d3a9a5508a1693d28c5e6d5b701c02f4
- SHA512
  
  af30430f3cd2f13f1952c9f71dca5114024c93f2dcc01a10cd94be95ad240d0e483d1509b4746243c13a57079954d6326eaa475e8b9dc415d22a8178a963e54d
- SSDEEP
  
  3072:E1k8zmYVB4pT3tosWlHs5QULdGSNXLpHiRwPbmoz75xENLeX3:E1V4noLs5EmXLpHiuPbmo35xsL
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2