Technical Analysis of Xloader Versions 6 and 7 P2 – Securitricks

216.73.216.6

Technical Analysis of Xloader Versions 6 and 7 P2

· Published 14/02/2025 01:02 · Modified 14/02/2025 01:49

Essential information

Published: 14/02/2025 01:02
Modified: 14/02/2025 01:49
Tags: 2025-02-14 base64 c2 server c2 traffic decoy c2 dword xor dwords formbook pushdo xloader
Related entities: 200 observables, 4 techniques (mitre), 1 malware

Description

The latest versions of the Xloader malware, known as Formbook, use advanced obfuscation techniques to mask critical parts of its code and data, as part of a two-part technical analysis.

External references