xloader_apk | 3cb7aec0318711c507da8cb40885e1b01571d5df9b3d63f6316eb230ece35a97 | Triage

Submit
Reports

Overview

overview

Static

static

Android APK

android_x86

Sharing

General

Target

zKwKlSnUuQeZa.apk
Size

218KB
Sample

201202-g2fwrjyfea
MD5

212c1bc0fd51bc8c839d01cfd56f1b9b
SHA1

96d5735d08fa051d93a7d67d5ce4484f52acba07
SHA256

3cb7aec0318711c507da8cb40885e1b01571d5df9b3d63f6316eb230ece35a97
SHA512

67bda7312c49ffcfe949b049fb4e22b37ee4748f041029f5cf736bcd007d686611f0617f8142e236a1c00a927a52a2770576f7885d2f8e1e2086c2089aab7520

Score

10^/10

xloader_apk android banker infostealer obfuscation ransomware stealth trojan

Static task

static1

Behavioral task

behavioral1

Sample

zKwKlSnUuQeZa.apk

Resource

android-x86_arm

xloader_apk banker infostealer obfuscation ransomware stealth trojan

android_x86

0 signatures

0 seconds

Malware Config

Extracted

DES_key

Targets

- Target
  
  zKwKlSnUuQeZa.apk
- Size
  
  218KB
- MD5
  
  212c1bc0fd51bc8c839d01cfd56f1b9b
- SHA1
  
  96d5735d08fa051d93a7d67d5ce4484f52acba07
- SHA256
  
  3cb7aec0318711c507da8cb40885e1b01571d5df9b3d63f6316eb230ece35a97
- SHA512
  
  67bda7312c49ffcfe949b049fb4e22b37ee4748f041029f5cf736bcd007d686611f0617f8142e236a1c00a927a52a2770576f7885d2f8e1e2086c2089aab7520
Score

10^/10

xloader_apk banker infostealer obfuscation ransomware stealth trojan
- XLoader, MoqHao
  An Android banker and info stealer.
  trojan infostealer banker xloader_apk
- Removes its main activity from the application launcher
  stealth trojan
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads name of network operator
  Uses Android APIs to discover system information.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xloader_apkbankerinfostealerobfuscationransomwarestealthtrojan

© 2018-2024

Terms | Privacy