General

  • Target

    e08f166b78b122d480e9fc6f87c78098455d4d1a4b5c87fcc4e19c7fd1bf2d98

  • Size

    207KB

  • Sample

    210219-7cyef45wjn

  • MD5

    083f5e574adf4164ca30c104cb4e1a05

  • SHA1

    9e6145313a9707c90cd6314a00ce0abe4beda47c

  • SHA256

    e08f166b78b122d480e9fc6f87c78098455d4d1a4b5c87fcc4e19c7fd1bf2d98

  • SHA512

    fda35811f9fa53d08d16ebbe0a92b8511aaa0dd5e8812f0c17d4bf9148873927f377500338f77a4ecaca1d7abbbba092d73450f7ed4b4147ad359bcd4a64abb1

Malware Config

Extracted

DES_key

Targets

    • XLoader, MoqHao

      An Android banker and info stealer.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    • Uses Crypto APIs (Might try to encrypt user data).
