Also at https://cstaipas\\.pt/encrypt though this one is #xloader, a fake c2 at: http://www.emberfmeadowzu\\.store/jmy3/
0
0
0
0
#Xloader
Posts tagged #Xloader on Bluesky
Check Point Research Leverages AI to Analyze the Advanced Xloader Malware Threat #None #Check_Point #AI_Analysis #Xloader
0
0
0
0
AIを活用したマルウェア分析の革新!「XLoader 8.0」の解析結果 #チェック・ポイント #AI解析 #XLoader
チェック・ポイントが発表した「XLoader 8.0」に関するAI駆動型解析が実現した新技術。迅速なマルウェア分析の革命がもたらすセキュリティの未来を探る。
0
0
0
0
Generative AI + exported IDA data enabled static reverse engineering of XLoader 8.0; researchers used ChatGPT cloud analysis plus MCP-driven runtime key extraction to recover decrypted strings and hidden C2 domains. #xloader #ChatGPT #malwareanalysis https://bit.ly/47PuRY1
0
0
0
0
Discover how AI accelerates the decryption of XLoader malware, reducing analysis time from days to hours. #CyberSecurity #AI #MalwareAnalysis #XLoader Link: thedailytechfeed.com/ai-speeds-up...
0
0
0
0
Generative AI Supercharges Reverse Engineering Check Point shows how generative AI accelerates XLoader analysis, uncovering real C2s and enabling faster, smarter malware defense. The post Generativ...
#News #Threats #AI #reverse #engineering #XLoader #malware
Origin | Interest | Match
0
1
0
0
Generative AI Supercharges Reverse Engineering Check Point shows how generative AI accelerates XLoader analysis, uncovering real C2s and enabling faster, smarter malware defense. The post Generativ...
#News #Threats #AI #reverse #engineering #XLoader #malware
Origin | Interest | Match
0
1
0
0
#malware #opendir #xloader (small one works, big one not so much) at:
https://royfils\\.com/encrypt/
2cd9b8fb88e7cbbc5c049441fb61e0aea7be23dc7aa2c109c13abefe7a2ac943
4733feaca04e871d4e0bb052f2437a2f46f10852602ea4f8b2f0170f4838dd87
0
0
0
0
Check Point entschlüsselt "XLoader" mit generativer KI
@CheckPointSW #Cybersecurity #Cybersicherheit #GenAI #generativeKI #Infostealer #künstlicheIntelligenz #Security #XLoader
netzpalaver.de/2025/...
1
0
0
0
Checkpoint Research utilizza AI generativa con GPT-5 per velocizzare l’analisi del malware XLoader, riducendo i tempi di reverse engineering da giorni a ore.
#Checkpoint #GPT5 #reverseengineering #xloader
www.matricedigitale.it/2025/11/03/a...
0
0
0
0
~Checkpoint~
Generative AI drastically reduces reverse engineering time for the complex XLoader malware from days to hours.
-
IOCs: taxi-in[. ]online, taskcomputer[. ]xyz, synergydrop[. ]xyz
-
#AI #Malware #ThreatIntel #XLoader
3
0
1
0
2025-08-11 (Monday): Quick post of an #XLoader ( #Formbook ) infection, with a #pcap, email, and #malware sample available at www.malware-traffic-analysis.net/2025/08/11/i...
1
2
0
0
First time I've seen #xloader use @tumblr for traffic noise:
www.joesandbox.com/analysis/1704731/0/iocht...
0
0
0
0
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader reconbee.com/multi-stage-...
#multistagemalware #malwareattack #JSE #PowerShell #agenttesla #XLoader #CyberSecurity #cyberattacks
1
0
0
0
2025-02-26 (Wednesday): #XLoader (#Formbook) distributed through #malspam. The email has an attached PDF document. The PDF has links for a ZIP download, and the ZIP contains files that use DLL side-loading for XLoader.
bit.ly/4bgKRU8
2
1
1
0
Social media post I wrote for my employer on other platforms: 2025-02-26 (Wednesday): #XLoader (#Formbook) sent thru #malspam. Email has an attached PDF document. PDF has links for a ZIP download, and the ZIP contains files using DLL side-loading for XLoader. Details at github.com/PaloAltoNetw...
5
0
0
0
Screenshot of my blog post with analysis of the XLoader infection.
XLoader distributed as a RAR attachment to an email. The malware is a Windows executable file within that RAR archive.
Traffic from the XLoader infection filtered in Wireshark.
XLoader persistent on the infected Windows host through a Windows registry update.
2025-01-30 (Thursday): #XLoader infection. Unlike my previous XLoader infections, this one didn't run in my VM, so I used a physical host. A #pcap of the infection traffic, the associated malware samples, and more info is available at malware-traffic-analysis.net/2025/01/30/i...
10
4
0
0
Hey @da_667 ...you seen this UA with #xloader yet?
<url method="POST" uri="/k2i2/" host="www\\.gayhxi\\.info" user_agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/538.1 (KHTML, like Gecko) FoxyWhore Safari/538.1"/>
1
0
0
0
An #expiro (believe it or not) dropping #xloader
app.any.run/tasks/43f807...
fake c2 and campaign:
http ://www.sunnyz.store/px6j
1
0
1
0
Screenshot of the email pushing Formbook (XLoader) malware
RAR archive from the email showing its content, a Windows executable for Formbook (XLoader)
Traffic from the Formbook (XLoader) infection filtered in Wireshark
2024-12-09 (Monday): #Malspam example pushing #Formbook / #XLoader. Attachment is a RAR archive, but the file name has a .Z file extension. Contains signed Windows EXE. Otherwise, it's just another Monday. Sample available at bazaar.abuse.ch/sample/78ab8...
0
0
0
0
Screenshot of malicious spam (malspam) with malware file attachment.
Traffic from the XLoader (Formbook) infection filtered in Wireshark.
2024-11-22 (Friday) #XLoader / #Formbook: I've been fired by my non-existent HR department. At least I got a "salary-receipt.exe" bazaar.abuse.ch/sample/003b5...
Tria.ge and Any.Run don't identify the malware, but Joe Sandbox does: www.joesandbox.com/analysis/156...
Also runs in my lab just fine
17
10
2
0
