fd23105085a3b1c1445fafd86a08972eb8d4c7a509ead72d5b9d73c074d4d40e

General

Target: fd23105085a3b1c1445fafd86a08972eb8d4c7a509ead72d5b9d73c074d4d40e
Size: 306KB
Sample: 220521-xdsx5abec4
Score: 10/10
MD5: 2cf535a1d8d5345104e4584840836c86
SHA1: 5f252095223ad9f75b1407b4d124738920c006df
SHA256: fd23105085a3b1c1445fafd86a08972eb8d4c7a509ead72d5b9d73c074d4d40e
SHA512: e21ebd646059464cf051a7dd9140a75243751f8d925724aa0d3fc4cb66828cdc7a04c82d9d883d40ca32132e2b868aeafe388c66db38056f6e50cf08aa0bfb3a

Signatures

  • XLoader Payload

  • XLoader, MoqHao
    Description: An Android banker and info stealer.

  • Acquires the wake lock.

  • Loads dropped Dex/Jar
    Description: Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

  • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1: 7/10
behavioral3: 1/10