xloader | cd5c4b96ea4d62dbe390db53b7c76529eb34d77977359fbd32ab66dd8fd3c675

General

Target

cd5c4b96ea4d62dbe390db53b7c76529eb34d77977359fbd32ab66dd8fd3c675
Size

164KB
Sample

241121-zejrys1rdq
MD5

73c62e3a4760db8fa9422c418651163e
SHA1

9261bc526a13204dd8612261d4bded84fb7333dc
SHA256

cd5c4b96ea4d62dbe390db53b7c76529eb34d77977359fbd32ab66dd8fd3c675
SHA512

d4a41fc911a48d45a77827b55debca5e61a6cbea17ab4da4cc8080652a62d1c7b6c26260b4ff0242de7ecc1c6abbab5e153ffe05ab3bc304c122c0185db79d6e
SSDEEP

3072:9xJLQjj70rIsWYmMyD/DF6QdpLlosFGOmfwuRpxkSbif2K:9vd2HMyrhDdpLlosMOxuNK

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

vfm2

Decoy

swedishchess.com

vanlifedubai.com

srespd.com

aquaeyego.com

mipily.com

wolderland-technologiesmy.com

reidandwriteon.com

realtywithgeorge.com

thomasangelop.com

innotecon.com

alternativedata.services

shogohorinouchi.com

fuliba001.xyz

levelprism.com

auditocity.club

opmatix.com

eds.center

sophia-tokimeki.com

htbrasil.com

trueacademia.com

Targets

- Target
  
  cd5c4b96ea4d62dbe390db53b7c76529eb34d77977359fbd32ab66dd8fd3c675
- Size
  
  164KB
- MD5
  
  73c62e3a4760db8fa9422c418651163e
- SHA1
  
  9261bc526a13204dd8612261d4bded84fb7333dc
- SHA256
  
  cd5c4b96ea4d62dbe390db53b7c76529eb34d77977359fbd32ab66dd8fd3c675
- SHA512
  
  d4a41fc911a48d45a77827b55debca5e61a6cbea17ab4da4cc8080652a62d1c7b6c26260b4ff0242de7ecc1c6abbab5e153ffe05ab3bc304c122c0185db79d6e
- SSDEEP
  
  3072:9xJLQjj70rIsWYmMyD/DF6QdpLlosFGOmfwuRpxkSbif2K:9vd2HMyrhDdpLlosMOxuNK
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2