General

  • Target

    vkgeziflkn.apk

  • Size

    207KB

  • Sample

    210209-1zkqnftfjs

  • MD5

    8cf8c473e9d2e1014f2d8eafe369e471

  • SHA1

    bc6671d0d4042ca00c9ed3253e50c8b7d56786dd

  • SHA256

    1799aa752deef8d20e228fa22dbccd763560e0fa2704eabfab98d8b72ddf2d27

  • SHA512

    ff9fc1493e03381cc7dcdc56227ed343716baca828511a387e15bb701392e0c34f512ed5f58a4e913037e9ee23e294cae6043395df32a378359f27b8e7456a57

Malware Config

Extracted

DES_key

Targets

    • XLoader, MoqHao

      An Android banker and info stealer.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    • Uses Crypto APIs

      Might try to encrypt user data.
