Technical Analysis of Xloader Versions 6 and 7 P2

The latest versions of the Xloader malware, also known as Formbook, use advanced obfuscation techniques to mask critical parts of their code and data. This is part two of a two-part technical analysis. Author: AlienVault

Related Tags:
decoy c2
dwords
dword xor
XLoader
Formbook
c2 traffic
Base64
T1573
T1095

Associated Indicators: