uYtBwZuWpNbLfRy.apk

General
Target

uYtBwZuWpNbLfRy.apk

Size

217KB

Sample

201204-rw4v8lyden

Score
10 /10
MD5

730422686f97a0d2683f8ada6e115f44

SHA1

2df5a30151fd26b7643579717c2b38f7dcfe7457

SHA256

4a81fc9f327245252f3ac0ca61143ec8038a61494d78384592af2c8e899719f8

SHA512

48d079e297e542d6eb203622ea893533740f24943ee6dafe04d1c24eea542adfffe8e5c0b2ca5510daafc5bb696fa035ff4f5cc9dff73c3c0c4c3cd0b6a58a67

Malware Config

Extracted

DES_key
Targets
Target

uYtBwZuWpNbLfRy.apk

MD5

730422686f97a0d2683f8ada6e115f44

Filesize

217KB

Score
10 /10
SHA1

2df5a30151fd26b7643579717c2b38f7dcfe7457

SHA256

4a81fc9f327245252f3ac0ca61143ec8038a61494d78384592af2c8e899719f8

SHA512

48d079e297e542d6eb203622ea893533740f24943ee6dafe04d1c24eea542adfffe8e5c0b2ca5510daafc5bb696fa035ff4f5cc9dff73c3c0c4c3cd0b6a58a67

Tags

Signatures

  • XLoader, MoqHao

    Description

    An Android banker and info stealer.

    Tags

  • Removes its main activity from the application launcher

  • Loads dropped Dex/Jar

    Description

    Runs executable file dropped to the device during analysis.

  • Reads name of network operator

    Description

    Uses Android APIs to discover system information.

  • Uses Crypto APIs (Might try to encrypt user data).

    Tags

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation