xloader | 17594d4763855ec8c1b9cfd583b789caa56281275dc9d1257c99e7aec8b59f43

General

Target

17594d4763855ec8c1b9cfd583b789caa56281275dc9d1257c99e7aec8b59f43
Size

119KB
MD5

36dd311425af412da063f606332c55af
SHA1

e9ca980daa0f2705e29ba241e5560fae07a13a68
SHA256

17594d4763855ec8c1b9cfd583b789caa56281275dc9d1257c99e7aec8b59f43
SHA512

2ca2d44a4da25fb45cd32447567304f557fcf7f659de01081cb5a4ddd9e8721866d8fb7e90e61fda336a9041a627da5736817f4ad603a859ffb25c46b787ec5d
SSDEEP

3072:rtfdAYZex2Kx8mUriCBnFMwti+Nim8m7iLuFbSdR0G43iAaPyW3:Zrk2Kx8mUrTFMwtiaidm7iSFQ0r8yW3

Score

10^/10

rat ipa8 xloader

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

ipa8

Decoy

royalposhpups.com

univa.world

lanerbo.com

shopbabygo.com

theutahhomestore.com

serialmixer.icu

linfeiya.com

xn--12cg3de5c2eb5cyi.com

am-conseil-communication.com

dailygame168.com

therightmilitia.com

visions-agency.com

mapopi.com

frugallyketo.com

guapandglo.com

54w-x126v.net

your-health-kick.com

blockchainhub360.com

registernowhd.xyz

votekellykitashima.com

Signatures

Xloader family
xloader

Xloader payload 1 IoCs

rat

resource	yara_rule
static1/unpack001/9f7b903ab126b2a3a0ca3c5977bbf84111f52a6e3a6e43aa127763e1a46b8f2d	xloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9f7b903ab126b2a3a0ca3c5977bbf84111f52a6e3a6e43aa127763e1a46b8f2d

Files

17594d4763855ec8c1b9cfd583b789caa56281275dc9d1257c99e7aec8b59f43
.zip

Password: infected
9f7b903ab126b2a3a0ca3c5977bbf84111f52a6e3a6e43aa127763e1a46b8f2d
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 156KB - Virtual size: 156KB

.text
Size: 156KB - Virtual size: 156KB