xloader | 758b9e71b7bb319d47ab4f8083e95c036030aa1d37eb492e9ab8b673b04ffad1

General

Target

758b9e71b7bb319d47ab4f8083e95c036030aa1d37eb492e9ab8b673b04ffad1N.exe
Size

160KB
Sample

241128-tvx2masqds
MD5

527c33774026835e55d7df64804e2f20
SHA1

7cfeca846859b3e336d61ac80ffe5ed2243f8b4b
SHA256

758b9e71b7bb319d47ab4f8083e95c036030aa1d37eb492e9ab8b673b04ffad1
SHA512

dbe6ba11a3962aa1b72d2a25fdccaf57c0f11c3cb3d8b6e25da1ed3c938fe5869d83e3aff2949cc5308bbd31664d11ad8c1f1f4f8d5cd67c2a2916cbaecf8565
SSDEEP

3072:EBjYvjX6jjyNuloSQvBUe0aYLDpDsOoc0+OzrTAvRFpm1P0:o/22oSmWHaY3pAOoc0+OLCRG6

Score

10^/10

Malware Config

Extracted

Family

xloader

Version

2.3

Campaign

udew

Decoy

danieleawilliams.com

miladjalilian.com

hzmila.com

elecreator.com

instrep.com

4tongzhi.com

sltreeserv.com

expressrev.com

dataresearchcenter.com

filmblingalley.com

3buagency.com

hxjh888.com

gotmetwistedcomb.com

vihco.com

scg.solutions

drcvkm.com

frostresorts.com

gintech.co.uk

luxury-holding.com

roupasdobras.com

Targets

- Target
  
  758b9e71b7bb319d47ab4f8083e95c036030aa1d37eb492e9ab8b673b04ffad1N.exe
- Size
  
  160KB
- MD5
  
  527c33774026835e55d7df64804e2f20
- SHA1
  
  7cfeca846859b3e336d61ac80ffe5ed2243f8b4b
- SHA256
  
  758b9e71b7bb319d47ab4f8083e95c036030aa1d37eb492e9ab8b673b04ffad1
- SHA512
  
  dbe6ba11a3962aa1b72d2a25fdccaf57c0f11c3cb3d8b6e25da1ed3c938fe5869d83e3aff2949cc5308bbd31664d11ad8c1f1f4f8d5cd67c2a2916cbaecf8565
- SSDEEP
  
  3072:EBjYvjX6jjyNuloSQvBUe0aYLDpDsOoc0+OzrTAvRFpm1P0:o/22oSmWHaY3pAOoc0+OLCRG6
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2