xloader | d06119288887a7b5ab171764355d33ee5468d044f90d1389df4599abf1bdbf70

General

Target

d06119288887a7b5ab171764355d33ee5468d044f90d1389df4599abf1bdbf70
Size

164KB
Sample

241121-ze679a1rfk
MD5

e953218b46ccaf9cf51a53b215f434f0
SHA1

dc420734fb52d37fc842e00660b19ef9946927a0
SHA256

d06119288887a7b5ab171764355d33ee5468d044f90d1389df4599abf1bdbf70
SHA512

53f9bbe2d8766d0c8835388bf77e36944a8f0ada4963d7b0df6e53effe073e364e7a06cb16dbb2a6301877f668639a18d18d951ef09972103e42c9e3ffa1b5d0
SSDEEP

3072:ospj32rVxXeD9K3Mw8H4rZRZl9vY8zR3ZfZrAQf0ob9:o4aoUMwC4119vYS3ZG

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

inws

Decoy

impactphp.com

eyfliq.com

mymedscooler.com

theroamingnotary.com

ciberdylan.com

martsandbots.com

mailpick.digital

seriousyum.com

merlinproduction.com

transportmetspoed.com

iss-sa.com

sana-gov.xyz

gingure.com

greenvle.com

jaspershistory.com

ellensburgrugby.com

springvalleyplumbers.com

lj-safe-keepingtoyof6.xyz

constantinebeach.com

theaccuratecare.com

Targets

- Target
  
  d06119288887a7b5ab171764355d33ee5468d044f90d1389df4599abf1bdbf70
- Size
  
  164KB
- MD5
  
  e953218b46ccaf9cf51a53b215f434f0
- SHA1
  
  dc420734fb52d37fc842e00660b19ef9946927a0
- SHA256
  
  d06119288887a7b5ab171764355d33ee5468d044f90d1389df4599abf1bdbf70
- SHA512
  
  53f9bbe2d8766d0c8835388bf77e36944a8f0ada4963d7b0df6e53effe073e364e7a06cb16dbb2a6301877f668639a18d18d951ef09972103e42c9e3ffa1b5d0
- SSDEEP
  
  3072:ospj32rVxXeD9K3Mw8H4rZRZl9vY8zR3ZfZrAQf0ob9:o4aoUMwC4119vYS3ZG
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2