xloader | d6656ad04ea222e6fc8b0dee9bd8542ac239f093d9a51a3acdf4c309c8078696

General

Target

d6656ad04ea222e6fc8b0dee9bd8542ac239f093d9a51a3acdf4c309c8078696
Size

168KB
Sample

241121-zf8gps1rhk
MD5

2b953be58c6e157c860848dfec981b2f
SHA1

407432103e8ff29215db65f1df2bffb66ae83dca
SHA256

d6656ad04ea222e6fc8b0dee9bd8542ac239f093d9a51a3acdf4c309c8078696
SHA512

52ada1e0a68137d20a0ae7ca15e9afffe744a90da23387c4b8a3b6cfdcf17f417cfc543f461338c3126e6e5c6828bd991e58b0d881daad8d14d4b93854140198
SSDEEP

3072:77psu29X3q09JMhQ3KoGIdTocCaLwe7cyJguXQPkb5:7KTfHMhQ71dToc/7cwV

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

mwfc

Decoy

wwwmwrfinancial.com

fastfreightrucking.com

mollyagee.com

crm-harmonysoft.com

bdlancers.net

feelimi.com

lilnasxshops.com

digibizvietnam.com

theodorebfox.com

podalijokte.quest

eotwlive.com

everydayisablessings.com

fexfer.com

regalosyartesania.com

piscineconnect.com

xxkyz.com

haematopoiesis.art

xhxwmw.com

angelawentzmusicstudio.com

mydna.online

Targets

- Target
  
  d6656ad04ea222e6fc8b0dee9bd8542ac239f093d9a51a3acdf4c309c8078696
- Size
  
  168KB
- MD5
  
  2b953be58c6e157c860848dfec981b2f
- SHA1
  
  407432103e8ff29215db65f1df2bffb66ae83dca
- SHA256
  
  d6656ad04ea222e6fc8b0dee9bd8542ac239f093d9a51a3acdf4c309c8078696
- SHA512
  
  52ada1e0a68137d20a0ae7ca15e9afffe744a90da23387c4b8a3b6cfdcf17f417cfc543f461338c3126e6e5c6828bd991e58b0d881daad8d14d4b93854140198
- SSDEEP
  
  3072:77psu29X3q09JMhQ3KoGIdTocCaLwe7cyJguXQPkb5:7KTfHMhQ71dToc/7cwV
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2