xloader | cc3fbddc88503f900e39451b7adba21f4ef5db5a289bbda4cde6fcd6f65f4336

General

Target

cc3fbddc88503f900e39451b7adba21f4ef5db5a289bbda4cde6fcd6f65f4336
Size

164KB
MD5

6ec54a8c76658d397293173c04e0d96f
SHA1

fb6ea26da9d42846d464468ee7590cbb831e5b50
SHA256

cc3fbddc88503f900e39451b7adba21f4ef5db5a289bbda4cde6fcd6f65f4336
SHA512

e78fba77638d21ed18902469ab72ec6a5388a1dd64cd4dcba2231f23bd3bd1e10718832606e333fc4bdd265336537c61ea886c70c9ec3378fa8459dfe0c4b256
SSDEEP

3072:gE1Jbuzjgj3EQXOh3pyvMQcDszWNYFUNRFZvBJAk5GL1PSv9Se:gEjuhD3p4MQMmWvNRFZ7AsGJavd

Score

10^/10

rat rugs xloader

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

rugs

Decoy

modktchn.com

autoairplay.com

gadgetvictory.com

view-one.online

green-zen.club

xysgsjc.com

unikokitchen-usa.com

arteologia.store

clearing.global

metaelectron.com

eldovera.com

mcftaxacct.com

mainlinepak.com

flawlessvn.online

ureumpomp.com

loribethperez.com

willahandcreations.com

fileextensiondownload.com

dadsgametoo.com

dolphinec.com

Signatures

Xloader family
xloader

Xloader payload 1 IoCs

rat

resource	yara_rule
sample	xloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc3fbddc88503f900e39451b7adba21f4ef5db5a289bbda4cde6fcd6f65f4336

Files

cc3fbddc88503f900e39451b7adba21f4ef5db5a289bbda4cde6fcd6f65f4336
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 159KB - Virtual size: 158KB

.text
Size: 159KB - Virtual size: 158KB