Analysis Overview
Score: 10/10
SHA256: 1f90f166ff55a3a3e71e61edb6e3cba7b1a41c58870eec156f34b377950026ed
Threat Level: Known bad
The file sszytrbhuy.apk was found to be: Known bad.
Malicious Activity Summary
XLoader, MoqHao
Removes its main activity from the application launcher
Loads dropped Dex/Jar
Uses reflection
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported: 2021-03-16 11:24
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted: 2021-03-16 11:24
Reported: 2021-03-16 11:27
Platform: android-x86_64_arm64
Max time kernel: 986335s
Max time network: 163s
Command Line: k.iswm.shewn
Signatures
XLoader, MoqHao
Removes its main activity from the application launcher
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | N/A | N/A | N/A |
Loads dropped Dex/Jar
| Description | Indicator | Process | Target |
|---|---|---|---|
| N/A | /data/user/0/k.iswm.shewn/files/dex | N/A | N/A |
| N/A | /data/user/0/k.iswm.shewn/files/dex | N/A | N/A |
Uses reflection
| Description | Indicator | Process | Target |
|---|---|---|---|
| Accesses field com.android.okhttp.internal.tls.OkHostnameVerifier.INSTANCE | N/A | N/A | N/A |
| Invokes method android.telephony.SignalStrength.getLevel | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
| Invokes method android.os.PowerManager.isIgnoringBatteryOptimizations | N/A | N/A | N/A |
Processes
k.iswm.shewn
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| N/A | 172.217.168.234:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| N/A | 172.217.17.68:443 | | udp |
| N/A | 142.250.102.188:5228 | mtalk.google.com | tcp |
| N/A | 8.8.8.8:53 | play.googleapis.com | udp |
| N/A | 8.8.8.8:53 | m.vk.com | udp |
| N/A | 87.240.190.72:443 | m.vk.com | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 8.8.4.4:53 | play.googleapis.com | udp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 8.8.8.8:53 | www.googletagmanager.com | udp |
| N/A | 172.217.168.232:443 | www.googletagmanager.com | tcp |
| N/A | 142.250.102.188:5228 | mtalk.google.com | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 8.8.8.8:53 | play.googleapis.com | udp |
| N/A | 216.58.208.106:443 | play.googleapis.com | tcp |
| N/A | 216.58.208.106:443 | play.googleapis.com | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 8.8.8.8:53 | ssl.google-analytics.com | udp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 8.8.4.4:53 | ssl.google-analytics.com | udp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 8.8.8.8:53 | fonts.gstatic.com | udp |
| N/A | 172.217.19.195:443 | fonts.gstatic.com | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
| N/A | 61.97.248.13:28846 | | tcp |
Files
N/A