zKwKlSnUuQeZa.apk

General
Target

zKwKlSnUuQeZa.apk

Size

218KB

Sample

201202-g2fwrjyfea

Score
10 /10
MD5

212c1bc0fd51bc8c839d01cfd56f1b9b

SHA1

96d5735d08fa051d93a7d67d5ce4484f52acba07

SHA256

3cb7aec0318711c507da8cb40885e1b01571d5df9b3d63f6316eb230ece35a97

SHA512

67bda7312c49ffcfe949b049fb4e22b37ee4748f041029f5cf736bcd007d686611f0617f8142e236a1c00a927a52a2770576f7885d2f8e1e2086c2089aab7520

Malware Config

Extracted

DES_key
Targets
Target

zKwKlSnUuQeZa.apk

MD5

212c1bc0fd51bc8c839d01cfd56f1b9b

Filesize

218KB

Score
10 /10
SHA1

96d5735d08fa051d93a7d67d5ce4484f52acba07

SHA256

3cb7aec0318711c507da8cb40885e1b01571d5df9b3d63f6316eb230ece35a97

SHA512

67bda7312c49ffcfe949b049fb4e22b37ee4748f041029f5cf736bcd007d686611f0617f8142e236a1c00a927a52a2770576f7885d2f8e1e2086c2089aab7520

Tags

Signatures

  • XLoader, MoqHao

    Description

    An Android banker and info stealer.

    Tags

  • Removes its main activity from the application launcher

  • Loads dropped Dex/Jar

    Description

    Runs executable file dropped to the device during analysis.

  • Reads name of network operator

    Description

    Uses Android APIs to discover system information.

  • Uses Crypto APIs (Might try to encrypt user data).

    Tags

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation