xloader | 60da0318346aac0f9211dce7534a2ac3773b9304294d731be8067c5efbb54f3d

General

Target

60da0318346aac0f9211dce7534a2ac3773b9304294d731be8067c5efbb54f3d
Size

164KB
Sample

241121-yxn9qawnhw
MD5

88a6f7921fe56eec27cd6bd531a3f554
SHA1

c576982b476ff95a8e9245e8c14d472f6de0bb32
SHA256

60da0318346aac0f9211dce7534a2ac3773b9304294d731be8067c5efbb54f3d
SHA512

8da8fb03b9ee34187e5473ac128feb64fc66e45e27ffd15d91ea9c814b85ee313a685546bd4b5c5d2e3f718d0fd94ada72472dc0a182200dc7a9b12fc2eba1bd
SSDEEP

3072:hJdk2qKBsFqqW8wMjxnHDELuJdUF7mQapNNqX9aTHSxZIS:RSvWZMjtjeuJdUF7NazsNe4

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

q2au

Decoy

chassere.com

servpro11517.com

sfgm.xyz

addesbarst.quest

promotion.moe

946acg.net

lightwalkco.com

linkclose.com

dm-natural.com

formuladreamz.com

visitnewrichmond.com

modelahs.com

emulging.com

citifiedbrandinghub.com

meyerranch.realty

bhs-online.com

ai-technology-online-ru.digital

lendsoar.com

dryelm.com

farmchikllc.com

Targets

- Target
  
  60da0318346aac0f9211dce7534a2ac3773b9304294d731be8067c5efbb54f3d
- Size
  
  164KB
- MD5
  
  88a6f7921fe56eec27cd6bd531a3f554
- SHA1
  
  c576982b476ff95a8e9245e8c14d472f6de0bb32
- SHA256
  
  60da0318346aac0f9211dce7534a2ac3773b9304294d731be8067c5efbb54f3d
- SHA512
  
  8da8fb03b9ee34187e5473ac128feb64fc66e45e27ffd15d91ea9c814b85ee313a685546bd4b5c5d2e3f718d0fd94ada72472dc0a182200dc7a9b12fc2eba1bd
- SSDEEP
  
  3072:hJdk2qKBsFqqW8wMjxnHDELuJdUF7mQapNNqX9aTHSxZIS:RSvWZMjtjeuJdUF7NazsNe4
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2