xloader_apk | 83ba2b1c0352ea9988edeb608abf2c037b1f30482bbc05c3ae79265bab7a44c9 | Triage

Submit
Reports

Overview

overview

Static

static

7

vlenqvvcpm.apk

android_x86

Sharing

General

Target

vlenqvvcpm.apk
Size

510KB
Sample

220706-pm7tmscgcp
MD5

2e7acc13e9a9911cb5dd4057c5f0c343
SHA1

293165e4734e4a7dfcac8887034526a0733eeefd
SHA256

83ba2b1c0352ea9988edeb608abf2c037b1f30482bbc05c3ae79265bab7a44c9
SHA512

7888e1f72d718683fb41221e1345e582def560e307dcc2354bedef420d20ecbc0ba40b147e6452c8ef39426b053b7232bd381d40866757ad16f99e65f82fd3ef

Score

10^/10

xloader_apk android banker royalmail infostealer phishing ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

vlenqvvcpm.apk

Resource

android-x86-arm-20220621-en

xloader_apk banker royalmail infostealer phishing ransomware trojan

android_x86

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  vlenqvvcpm.apk
- Size
  
  510KB
- MD5
  
  2e7acc13e9a9911cb5dd4057c5f0c343
- SHA1
  
  293165e4734e4a7dfcac8887034526a0733eeefd
- SHA256
  
  83ba2b1c0352ea9988edeb608abf2c037b1f30482bbc05c3ae79265bab7a44c9
- SHA512
  
  7888e1f72d718683fb41221e1345e582def560e307dcc2354bedef420d20ecbc0ba40b147e6452c8ef39426b053b7232bd381d40866757ad16f99e65f82fd3ef
Score

10^/10

xloader_apk banker royalmail infostealer phishing ransomware trojan
- Detected royalmail phishing page
  phishing royalmail
- XLoader Payload
- XLoader, MoqHao
  An Android banker and info stealer.
  trojan infostealer banker xloader_apk
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xloader_apkbankerroyalmailinfostealerphishingransomwaretrojan

© 2018-2024

Terms | Privacy