Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

6

230dc1092f...93.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    230dc1092f2db4bedf15cd5abfcfe893

  • Size

    445KB

  • Sample

    231231-b2f3ksfbbq

  • MD5

    230dc1092f2db4bedf15cd5abfcfe893

  • SHA1

    9052b0e2a2186c4151d85b9562a9a33e073c6092

  • SHA256

    624339883e6c717c756176cba1e3b12eaa096a84bbaa93726bce0a748e428afd

  • SHA512

    f24aaa57c09f59f67556dcb38a3740c47cc7abfd50b8074da8bbd5dfd38e7afe9f2af0881b46e7245b9ea8ec295eac6b2b6cad154d6da7a8d89ca7e2e954817d

  • SSDEEP

    12288:YWUv8psXBnCTAte+M1SyD7DAEXqyqQnSMey7SQZyZ:YWlpsXpCTArM1SyD7Duy5g8kZ

Score
10/10
xloader_apkandroidbankerinfostealerstealthtrojan

Malware Config

Extracted

Family

xloader_apk

C2

http://91.204.227.39:28844

DES_key

Targets

    • Target

      230dc1092f2db4bedf15cd5abfcfe893

    • Size

      445KB

    • MD5

      230dc1092f2db4bedf15cd5abfcfe893

    • SHA1

      9052b0e2a2186c4151d85b9562a9a33e073c6092

    • SHA256

      624339883e6c717c756176cba1e3b12eaa096a84bbaa93726bce0a748e428afd

    • SHA512

      f24aaa57c09f59f67556dcb38a3740c47cc7abfd50b8074da8bbd5dfd38e7afe9f2af0881b46e7245b9ea8ec295eac6b2b6cad154d6da7a8d89ca7e2e954817d

    • SSDEEP

      12288:YWUv8psXBnCTAte+M1SyD7DAEXqyqQnSMey7SQZyZ:YWlpsXpCTArM1SyD7Duy5g8kZ

    Score
    10/10
    xloader_apkbankerinfostealerstealthtrojan

    • XLoader payload

    • XLoader, MoqHao

      An Android banker and info stealer.

      trojaninfostealerbankerxloader_apk

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Acquires the wake lock

    • Reads information about phone network operator.

    behavioral1

MITRE ATT&CK Matrix

Tasks