General

  • Target

    2e8b278dc2bfcce5d043f0846a34bf92dccedbd58b8b17152ebffb18a341655f

  • Size

    440KB

  • Sample

    220207-q3313acdhp

  • MD5

    0aaf6aa859fbdb84de20bf4bf28a02f1

  • SHA1

    d1725ea71803066c0626115d63f71d468f106579

  • SHA256

    2e8b278dc2bfcce5d043f0846a34bf92dccedbd58b8b17152ebffb18a341655f

  • SHA512

    6e3d6808034e197c67091c18758457ab1a27e1a44a9cbaaf2de75efa901d94e01ef194bb2e9b54fe304a2a6d5f6c8bc0b122b1395a362d7d8ab2a326d3137923

Targets

    • XLoader Payload

    • XLoader, MoqHao

      An Android banker and info stealer.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).
