xloader_apk | a8f5979a21824121f4315cda63d9db3f9bc8c79ed7c7c2c767d3d1b55dcb4572 | Triage

Submit
Reports

Overview

overview

Static

static

Android APK

android_x86_64

Sharing

General

Target

jFrSeMuVbVdLeFtUt.apk
Size

218KB
Sample

201204-w8xgf8jgr6
MD5

e84d5570be8386f2ba88530c442dded0
SHA1

8a448626c60248fb8bc13309e3b1761eeb1beba9
SHA256

a8f5979a21824121f4315cda63d9db3f9bc8c79ed7c7c2c767d3d1b55dcb4572
SHA512

b71d2c549ccad5bc7fc537d0bc1294e4064dcbac9023a06c9c4ea6b589a643ad446bdbff11fe1a1ea4a731ac8bf178ce958ab97a4d9eeb6ca7716584487c92d1

Score

10^/10

xloader_apk android banker infostealer obfuscation ransomware stealth trojan

Static task

static1

Behavioral task

behavioral1

Sample

jFrSeMuVbVdLeFtUt.apk

Resource

android-x86_64

xloader_apk banker infostealer obfuscation ransomware stealth trojan

android_x86_64

0 signatures

0 seconds

Malware Config

Extracted

DES_key

Targets

- Target
  
  jFrSeMuVbVdLeFtUt.apk
- Size
  
  218KB
- MD5
  
  e84d5570be8386f2ba88530c442dded0
- SHA1
  
  8a448626c60248fb8bc13309e3b1761eeb1beba9
- SHA256
  
  a8f5979a21824121f4315cda63d9db3f9bc8c79ed7c7c2c767d3d1b55dcb4572
- SHA512
  
  b71d2c549ccad5bc7fc537d0bc1294e4064dcbac9023a06c9c4ea6b589a643ad446bdbff11fe1a1ea4a731ac8bf178ce958ab97a4d9eeb6ca7716584487c92d1
Score

10^/10

xloader_apk banker infostealer obfuscation ransomware stealth trojan
- XLoader, MoqHao
  An Android banker and info stealer.
  trojan infostealer banker xloader_apk
- Removes its main activity from the application launcher
  stealth trojan
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads name of network operator
  Uses Android APIs to discover system information.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xloader_apkbankerinfostealerobfuscationransomwarestealthtrojan

© 2018-2024

Terms | Privacy