General

  • Target

    2ad7d7b0c1022141e9c3c789c8c5f089

  • Size

    445KB

  • Sample

    231231-gmw35scdd3

  • MD5

    2ad7d7b0c1022141e9c3c789c8c5f089

  • SHA1

    c8dfaa89d7186415fc1e00ab152e22326430446e

  • SHA256

    15654b31de9af6e3c344618a08bf597555c2927519557702112d313dba61734f

  • SHA512

    691b0a0c2f9c7e604840213c7b8148110e929bba315b8cc47474019ca0dbec00e0a49412ac602b9cde30bde66d7a0e0a14df9ace333bf056ef60a205c1ad744c

  • SSDEEP

    12288:tKqm0TeWHKn6D7DAEXqyqQnSMey7SQZyn:tKx0TeWqn6D7Duy5g8kn

Malware Config

Extracted

  • Family

    xloader_apk

  • C2

    http://91.204.227.39:28844

  • DES_key

Targets

    • Target

      2ad7d7b0c1022141e9c3c789c8c5f089

    • XLoader payload

    • XLoader, MoqHao

      An Android banker and info stealer.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Acquires the wake lock

    • Reads information about phone network operator
