xloader | 5eefe68c8d722983f6943232ff978d3f350a7c7f373c3c20a2abaef8544f1ef3

General

Target

5eefe68c8d722983f6943232ff978d3f350a7c7f373c3c20a2abaef8544f1ef3
Size

164KB
Sample

241121-zlfnwaxncy
MD5

bfc958d7237dea11c968103296577c6d
SHA1

5e437b4e4508158d3d1921e058f38b94dbbb0e33
SHA256

5eefe68c8d722983f6943232ff978d3f350a7c7f373c3c20a2abaef8544f1ef3
SHA512

79d5f8f7ce9b7b94cab52504915a8c476413d20c5173ff6d2dc75904fadf96146dae673f3ddacb324605926ed527757bbc558be50df583dd78b6ef41e4ebe926
SSDEEP

3072:Us5JUdFjZKetlCwWzMsJZx9D5p9MokOxDoPzWYnIe2Ogs:l4ptQMsrTDX97k+0za8

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

g5so

Decoy

ushwyrunner.com

artistickingz.com

1xbet-mw.top

exquisite-epoxy-systems.com

kapelhoek.immo

pawpaw.one

solagoi2017.com

shining-fates.com

personal-translators.com

vkitae.biz

hireamerica.biz

juliesullivansells.com

seams-unusual.com

01071004094.com

room-artgallery.com

jiayingclothing.com

sousouhubeisheng.com

dec2005.xyz

just-comply.com

5pz59.com

Targets

- Target
  
  5eefe68c8d722983f6943232ff978d3f350a7c7f373c3c20a2abaef8544f1ef3
- Size
  
  164KB
- MD5
  
  bfc958d7237dea11c968103296577c6d
- SHA1
  
  5e437b4e4508158d3d1921e058f38b94dbbb0e33
- SHA256
  
  5eefe68c8d722983f6943232ff978d3f350a7c7f373c3c20a2abaef8544f1ef3
- SHA512
  
  79d5f8f7ce9b7b94cab52504915a8c476413d20c5173ff6d2dc75904fadf96146dae673f3ddacb324605926ed527757bbc558be50df583dd78b6ef41e4ebe926
- SSDEEP
  
  3072:Us5JUdFjZKetlCwWzMsJZx9D5p9MokOxDoPzWYnIe2Ogs:l4ptQMsrTDX97k+0za8
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2