General

  • Target

    8e13f815f82d36e0fad78cdad4568612b133f89282f9b617bbdfeda949676e72

  • Size

    280KB

  • Sample

    231220-hxz38aghck

  • MD5

    455fb0c67b0c0ebda8716697de97cad4

  • SHA1

    39dddcbbe859f2c67ca480eb7865b742540c74da

  • SHA256

    8e13f815f82d36e0fad78cdad4568612b133f89282f9b617bbdfeda949676e72

  • SHA512

    963b13deb457cc0ef348a9a0d47949d35f32fd8752ee7d6bdbd1c6b1d4ba348bbf6ee79dd717a5711a77a273b77fab3b023b1c0f8fe371bb602aae5b476c0648

  • SSDEEP

    6144:L/9RBqUX4VZGD31e9JcQSDIXDhe56gU/aqAT6pGyp+iO+mBv4xyypY:L/9DX4KFe9JKDIXg56g0AT9ypux6pY

Targets


    • XLoader payload

    • XLoader, MoqHao

      An Android banker and info stealer.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Acquires the wake lock

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
