Overview

overview

10

Static

static

Android APK

android_x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    zKwKlSnUuQeZa.apk

  • Size

    218KB

  • Sample

    201202-g2fwrjyfea

  • MD5

    212c1bc0fd51bc8c839d01cfd56f1b9b

  • SHA1

    96d5735d08fa051d93a7d67d5ce4484f52acba07

  • SHA256

    3cb7aec0318711c507da8cb40885e1b01571d5df9b3d63f6316eb230ece35a97

  • SHA512

    67bda7312c49ffcfe949b049fb4e22b37ee4748f041029f5cf736bcd007d686611f0617f8142e236a1c00a927a52a2770576f7885d2f8e1e2086c2089aab7520

Score
10/10
xloader_apkandroidbankerinfostealerobfuscationransomwarestealthtrojan

Malware Config

Extracted

DES_key
1
4162356431513332

Targets

    • Target

      zKwKlSnUuQeZa.apk

    • Size

      218KB

    • MD5

      212c1bc0fd51bc8c839d01cfd56f1b9b

    • SHA1

      96d5735d08fa051d93a7d67d5ce4484f52acba07

    • SHA256

      3cb7aec0318711c507da8cb40885e1b01571d5df9b3d63f6316eb230ece35a97

    • SHA512

      67bda7312c49ffcfe949b049fb4e22b37ee4748f041029f5cf736bcd007d686611f0617f8142e236a1c00a927a52a2770576f7885d2f8e1e2086c2089aab7520

    Score
    10/10
    xloader_apkbankerinfostealerobfuscationransomwarestealthtrojan

    • XLoader, MoqHao

      An Android banker and info stealer.

      trojaninfostealerbankerxloader_apk

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    • Uses Crypto APIs (Might try to encrypt user data).

      ransomware
    behavioral1

MITRE ATT&CK Matrix

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.