xloader | 1ad6352350f0b871f3757d1994aa42fee726cdca78834f743f09e8a15bfc3dd1 | Triage

Sharing

General

Target

aa71f2483d9c2e808cd3e3e56c2b463f_JaffaCakes118
Size

740KB
Sample

241128-bqck1svpcl
MD5

aa71f2483d9c2e808cd3e3e56c2b463f
SHA1

cd41370a62b7cab949c04fdcd6578438c410e7c2
SHA256

1ad6352350f0b871f3757d1994aa42fee726cdca78834f743f09e8a15bfc3dd1
SHA512

72d93357b75b7451719c4580fadd00a8885813b8b236fa1e3c4ea2692d516f1ba98f7b320256bf12fd7c5dc02240fe850552694f3aac36cd3facc9bbbb54d2f2
SSDEEP

12288:sqnBhp+gczyhNSvRbBQHR4qz91hI0zSaNsvz+yuWDVId21NaI+E8tyvXck4xeLbf:sqnkCeLWgLX2UxEYTMcDz+BJmdcHlsIE

Score

10^/10

xloader uecu discovery loader rat

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

uecu

Decoy

ishtarhotel.com

woodstrends.icu

jalenowens.com

manno.expert

ssg1asia.com

telepathylaw.com

quickoprintnv.com

abrosnm3.com

lumberjackcatering.com

beachujamaica.com

thomasjeffersonbyrd.com

starryfinds.com

shelavish2.com

royalglamempirellc.com

deixandomeuemprego.com

alexgoestech.xyz

opticamn.com

fermanchevybrandon.com

milbodegas.info

adunarsrl.com

Targets

- Target
  
  aa71f2483d9c2e808cd3e3e56c2b463f_JaffaCakes118
- Size
  
  740KB
- MD5
  
  aa71f2483d9c2e808cd3e3e56c2b463f
- SHA1
  
  cd41370a62b7cab949c04fdcd6578438c410e7c2
- SHA256
  
  1ad6352350f0b871f3757d1994aa42fee726cdca78834f743f09e8a15bfc3dd1
- SHA512
  
  72d93357b75b7451719c4580fadd00a8885813b8b236fa1e3c4ea2692d516f1ba98f7b320256bf12fd7c5dc02240fe850552694f3aac36cd3facc9bbbb54d2f2
- SSDEEP
  
  12288:sqnBhp+gczyhNSvRbBQHR4qz91hI0zSaNsvz+yuWDVId21NaI+E8tyvXck4xeLbf:sqnkCeLWgLX2UxEYTMcDz+BJmdcHlsIE
Score

10^/10

xloader uecu discovery loader rat
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader family
  xloader
- Xloader payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xloaderuecudiscoveryloaderrat

behavioral2

xloaderuecudiscoveryloaderrat