xloader | 0f8e1f0d08fd54d30dd13d25c40ad89e66c74991c961cdece5f752c52a8c8037

General

Target

0f8e1f0d08fd54d30dd13d25c40ad89e66c74991c961cdece5f752c52a8c8037
Size

164KB
Sample

241121-zb245a1qgl
MD5

6918e9684afe05aa72a234c272e7b1f2
SHA1

7d191105dfb2664bdbeebe8caf31f6904ec57ddc
SHA256

0f8e1f0d08fd54d30dd13d25c40ad89e66c74991c961cdece5f752c52a8c8037
SHA512

8d4fb685daae4714e6f95ed15c8fac593b777db27ee37b4e1cc4fe19a32d5b536ecc0a909595c8688c3245cc36e6314f7ad77aaecf93acd162e86139f523dd2a
SSDEEP

3072:XbapnFQ2pDjD989MREXeFA7JJ9PgkGoV3bK71u9VxaR:LOFtVMMR0aAb9PgkGK61iVS

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

6rnk

Decoy

putaojiau.com

insidersbyio.com

senda-piano.com

yuanshuku.com

homeconspiracies.com

wa1313.xyz

takesatisfy.club

yoashee.com

classificationmetallurgie.com

1222074.com

uteexperience.com

savagereviews.xyz

dybtcb.com

peeltown.com

gymbarbie.com

gruponeoenergia.com

raidthebookies.com

one-to-one-property.com

thepoint.store

thesaymedical.com

Targets

- Target
  
  0f8e1f0d08fd54d30dd13d25c40ad89e66c74991c961cdece5f752c52a8c8037
- Size
  
  164KB
- MD5
  
  6918e9684afe05aa72a234c272e7b1f2
- SHA1
  
  7d191105dfb2664bdbeebe8caf31f6904ec57ddc
- SHA256
  
  0f8e1f0d08fd54d30dd13d25c40ad89e66c74991c961cdece5f752c52a8c8037
- SHA512
  
  8d4fb685daae4714e6f95ed15c8fac593b777db27ee37b4e1cc4fe19a32d5b536ecc0a909595c8688c3245cc36e6314f7ad77aaecf93acd162e86139f523dd2a
- SSDEEP
  
  3072:XbapnFQ2pDjD989MREXeFA7JJ9PgkGoV3bK71u9VxaR:LOFtVMMR0aAb9PgkGK61iVS
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2