xloader | 97874f538c7efcaa39304fe2b46d8e7af3fcda24d831a0c55f5fb4421c2ecf8d | Triage

Sharing

General

Target

97874f538c7efcaa39304fe2b46d8e7af3fcda24d831a0c55f5fb4421c2ecf8d
Size

365KB
Sample

241122-jjc7zawqds
MD5

07d2ecfaf0b8d5a6a19d3983768bc18c
SHA1

f7ce18f18e43654d08cdae296f481f7f012f3c43
SHA256

97874f538c7efcaa39304fe2b46d8e7af3fcda24d831a0c55f5fb4421c2ecf8d
SHA512

235dd38ab7a8a46af2a9c591df5ce4619983fb78a4edee28bc04372017afa6fd2f5457ba6589913a7e3747f7f67cf20365ba5cecb1eebc2e065dd40697b40db2
SSDEEP

6144:UyeSSU20AC4NCdtXnKHOviYR3/3N/JjvJEnKwa6OrF:7e5U2pC4+1H11/3N/JjAra6OJ

Score

10^/10

xloader s6ap discovery loader rat

Malware Config

Extracted

Family

xloader

Version

2.5

Campaign

s6ap

Decoy

treika.com

xsacn.com

yokutoku.info

cao-catos.ca

summarizing-tool.net

owes.website

doortodelivery.com

minimixblocks.com

irinaorhideya.com

mayerohio.info

godofearth.love

byrdraffst.quest

cavalodomado.com

combatcollective.com

relianceroofsnashville.com

play-google-pokermatch.site

farhadhossain.us

remaxgreatplace.com

usati-consultec.com

improvizy.com

Targets

- Target
  
  QUOTATION REQUEST-77464563548764577.exe
- Size
  
  459KB
- MD5
  
  3897eb8a9102764a1505ea62f1fd99b1
- SHA1
  
  f55a20f3c3bcd5c47aaee6bee97ebc09a8465c0a
- SHA256
  
  d00c073d20fa9d33eb8326798f0853be03a7f13e33bae3ce4c25c44bf25040f4
- SHA512
  
  e0ea30c4cbf71349c58fcc4d328545f7589da60cac4a205a21697be845f1c3e4d96befb0c82cbb82ce89e4261f279ceeacc014562ea828e6806e727b92e638fe
- SSDEEP
  
  12288:W+TT58a4TcM1h5j/UEyuumIKn0Fv6rRYgsHN:Wc34TcQTfyuNIKnJrR5
Score

10^/10

xloader s6ap discovery loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader family
  xloader
- Xloader payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xloaders6apdiscoveryloaderrat

behavioral2

xloaders6apdiscoveryloaderrat