Analysis

  • max time kernel
    2193211s
  • platform
    android_x86
  • resource
    android-x86-arm
  • submitted
    15-10-2021 06:50

General

  • Target

    kuronekoyamato.apk

  • Size

    444KB

  • MD5

    be19ba6e627b0cb5a1e4acb7c725a240

  • SHA1

    5f4b437ce703ad85ec0d52a83a8f96c2f9491c29

  • SHA256

    dc2c8a143099b03f2de31b05cf02a7dc68e88b330c8f5a7f9536c69963293380

  • SHA512

    89b376176d63554c620fc42195cd03dbdcf371351fde90bf4ccfb6f2362373d8cf283190b67b0d3e8f3fb1604955749f779ba8fd47473f23b8e81bccd82ba663

Malware Config

Signatures

  • XLoader Payload 3 IoCs
  • XLoader, MoqHao

    An Android banker and info stealer (the family is tracked under both names).

  • Loads dropped Dex/Jar 2 IoCs

    Runs an executable (Dex/Jar) file that was dropped to the device during analysis.

  • Uses reflection 2 IoCs

    Resolves classes and methods at runtime rather than referencing them statically, which hides the real call targets from static inspection of the APK.

Processes

  • oss.epbbyl.enul.tf.pidj (PID 4946)
    • Loads dropped Dex/Jar
    • Uses reflection

Network

MITRE ATT&CK Matrix


Downloads

  • /data/user/0/oss.epbbyl.enul.tf.pidj/files/d
    MD5

    d7f0257d31574b862af05971f883fae0

    SHA1

    252b1b03017de80d8fd70907cda39ce2bfadaddc

    SHA256

    765119852dc93c3a5d397cbaa167ac148856dba9773062626ed4aeb9674f860c

    SHA512

    3a53daaa693c0ee6904d737850d490a40035454931cebdbba865cefcd97df58e0c72e2ac33bbd4c1445f5d056193e81f113c0862d93acecbe74a0bcaa362eac5

  • /data/user/0/oss.epbbyl.enul.tf.pidj/files/d.x86.flock (zero-length lock file; the digests below are those of empty input)
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • /data/user/0/oss.epbbyl.enul.tf.pidj/files/oat/d.cur.prof (zero-length ART profile; the digests below are those of empty input)
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • /data/user/0/oss.epbbyl.enul.tf.pidj/shared_prefs/pref.xml (first capture: zero-length, digests of empty input)
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

  • /data/user/0/oss.epbbyl.enul.tf.pidj/shared_prefs/pref.xml (second capture of the same path, with content written)
    MD5

    4a45bfe6b3acfe91ce6ffc4b805544cb

    SHA1

    e8db71155978e6ff898ace575d5f415aae3c5297

    SHA256

    1a6a5b718fecef5407042b81e9dbb936fd7c38aa6c5f85704c1b37db874478c2

    SHA512

    556c795cae9debbcb91f0cd97e85634409ce7b8af3db05331f1da072162e68f9fd5f2e7781fab7bbe1710a6d1b69a254de6502027a1f77b2ee551229fafe5436
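The dropped-file list above repeats the same `files/d` artefact several times and lists three entries whose digests are those of a zero-length file. When turning such a report into IoCs, a practitioner wants to collapse the repeats, flag the empty entries (lock files, ART profiles, a preferences file hashed before it was written) so they are not shipped as indicators, and identify what kind of payload the non-empty file actually is (DEX, Jar/zip container, or native ELF) by its magic bytes. The following is an added example, not part of the sandbox report or the sample; the `SAMPLE_REPORT` rows are transcribed from the paths and SHA-256 values on this page, and the byte strings passed to `classify_payload` in the usage section are constructed here to exercise each branch.

```python
import hashlib
from typing import Dict, List

# Magic numbers for the file kinds an Android dropper typically writes.
DEX_MAGIC = b"dex\n"          # followed by a 3-digit version and a NUL, e.g. "035\0"
ZIP_MAGIC = b"PK\x03\x04"     # .jar / .apk are zip containers
ELF_MAGIC = b"\x7fELF"        # native library or executable

# SHA-256 of zero bytes; a report row carrying this digest was empty when hashed.
EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"


def classify_payload(data: bytes) -> Dict[str, str]:
    """Return the file kind plus the four digests a sandbox report lists."""
    if len(data) == 0:
        kind = "empty"
    elif data.startswith(DEX_MAGIC) and len(data) >= 8 and data[7] == 0:
        kind = "dex"
    elif data.startswith(ZIP_MAGIC):
        kind = "zip/jar"
    elif data.startswith(ELF_MAGIC):
        kind = "elf"
    else:
        kind = "unknown"
    return {
        "kind": kind,
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def dedupe_dropped(entries: List[Dict[str, str]]) -> List[Dict[str, object]]:
    """Collapse repeated (path, sha256) rows and flag empty-file digests.

    A report may list one artefact once per open/write, so identical rows are
    dropped; the same path with a different digest is a real state change
    (e.g. a preferences file hashed before and after it was written) and is kept.
    """
    seen = set()
    out: List[Dict[str, object]] = []
    for e in entries:
        key = (e["path"], e["sha256"].lower())
        if key in seen:
            continue
        seen.add(key)
        row: Dict[str, object] = dict(e)
        row["empty"] = e["sha256"].lower() == EMPTY_SHA256
        out.append(row)
    return out


def usable_iocs(entries: List[Dict[str, str]]) -> List[str]:
    """SHA-256 values worth publishing: deduplicated and not the empty-file digest."""
    return [str(r["sha256"]) for r in dedupe_dropped(entries) if not r["empty"]]


# Rows transcribed from the report's Downloads section (path and SHA-256 only).
PKG = "/data/user/0/oss.epbbyl.enul.tf.pidj"
SAMPLE_REPORT = [
    {"path": PKG + "/files/d", "sha256": "765119852dc93c3a5d397cbaa167ac148856dba9773062626ed4aeb9674f860c"},
    {"path": PKG + "/files/d", "sha256": "765119852dc93c3a5d397cbaa167ac148856dba9773062626ed4aeb9674f860c"},
    {"path": PKG + "/files/d", "sha256": "765119852dc93c3a5d397cbaa167ac148856dba9773062626ed4aeb9674f860c"},
    {"path": PKG + "/files/d.x86.flock", "sha256": EMPTY_SHA256},
    {"path": PKG + "/files/oat/d.cur.prof", "sha256": EMPTY_SHA256},
    {"path": PKG + "/shared_prefs/pref.xml", "sha256": EMPTY_SHA256},
    {"path": PKG + "/shared_prefs/pref.xml", "sha256": "1a6a5b718fecef5407042b81e9dbb936fd7c38aa6c5f85704c1b37db874478c2"},
]

if __name__ == "__main__":
    for row in dedupe_dropped(SAMPLE_REPORT):
        print(("EMPTY " if row["empty"] else "      ") + str(row["path"]), row["sha256"])
    print("publishable IoCs:", usable_iocs(SAMPLE_REPORT))
    # Constructed byte strings, one per magic-number branch.
    for blob in (b"", b"dex\n035\x00" + b"\x00" * 64, b"PK\x03\x04rest", b"\x7fELF\x02\x01", b"hello"):
        print(classify_payload(blob)["kind"])
```

Run against the rows on this page, `dedupe_dropped` yields five entries (three of them flagged empty) and `usable_iocs` returns only the two digests that represent real content: the dropped `files/d` payload and the written `pref.xml`. Pulling the actual `files/d` bytes off the emulator and passing them to `classify_payload` tells you whether the "Loads dropped Dex/Jar" signature fired on a raw DEX or on a zip-wrapped Jar, which decides which decompiler to reach for next.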