Overview

overview

10

Static

static

10

11fe58d7fa...7c.exe

windows7-x64

1

11fe58d7fa...7c.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11fe58d7faa05cd255a85be0415f9adac6dfbbf5f03556a48d074a6ef2a2ba7c

  • Size

    168KB

  • MD5

    ce29de8456065f8f3fd99e40cdf939b6

  • SHA1

    7d2661c9016caaaadceaea33fe4f126a640c3a17

  • SHA256

    11fe58d7faa05cd255a85be0415f9adac6dfbbf5f03556a48d074a6ef2a2ba7c

  • SHA512

    7e09419467848196e93086be6580b4587c5597d20506840acd585798977d42273df1054ed737f39bc3b3d05c8e947a612cfc9fb79d91c0c54505f33f48901b97

  • SSDEEP

    3072:A2JTvj1blSi3CTMqMiChMDJf9/EW9TGmsGnuBVMpzs0:ASVwPMi8219/EW9F/ufyo0

Score
10/10
ratgomaxloader

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

goma

Decoy

gcs-eu.com

cooler-kitchen.xyz

flisleckies.club

recruitresumelibrary.com

themorningprayer.com

kokbet99.net

isabellemariahwriter.com

mfialias.xyz

sjzjggl.com

khryzmaparis.com

funologists.com

seitzproperties.net

fromdeserttojungle.com

vigwam.com

0xindex.xyz

wwwkan84.net

ramashi.com

noithoigiandonglai.com

bestdictionary.net

498141.com

Signatures

  • Xloader family
    xloader
  • Xloader payload 1 IoCs
    rat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 11fe58d7faa05cd255a85be0415f9adac6dfbbf5f03556a48d074a6ef2a2ba7c
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections