General

  • Target

    9a7e8013b314a99547659f7a3ea669d3

  • Size

    445KB

  • Sample

    240214-cnz4zaed6w

  • MD5

    9a7e8013b314a99547659f7a3ea669d3

  • SHA1

    a2ebc7677b069988e95fe2358ac49af2e4db18d5

  • SHA256

    43c820692473e7288293c985190c4389774942b33819d622214ef33350e5667d

  • SHA512

    e62e8e02b8afaddfc69f27ac7472c955a5c864a88c550653bc95f06dd8091b0f5a2630cfb8aefcb1767ded2df1393067143c44f97bf96c2625737b73d97fe90b

  • SSDEEP

    6144:EfsJ1h4DU5oJkKfqr/gm5C7XrXDDUEW+3qyqPoQ+8QVbSda8lysdWINQZoFSF+A2:Ecv2kKSoD7DAEXqyqQnSMey7SQZyyMX

Malware Config

Extracted

Family

xloader_apk

C2

http://91.204.227.39:28844

DES_key

Targets

    • Target

      9a7e8013b314a99547659f7a3ea669d3

    • Size

      445KB

    • XLoader payload

    • XLoader, MoqHao

      An Android banker and info stealer.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Acquires the wake lock

    • Reads information about phone network operator.
