General
-
Target
cf5b114ae032a4b25e388d2dfc32b3e7
-
Size
445KB
-
Sample
240316-3jzkrafa91
-
MD5
cf5b114ae032a4b25e388d2dfc32b3e7
-
SHA1
120020a30a124af03ec0aa9d96ba01a70442744a
-
SHA256
9f2aa63acc278a2d9f82d4536c2c9d5193d0e1a5ae92388d2ca891bba09c1377
-
SHA512
390aec64457793431ab046e992cc333bb5b25b6891d69491d46d58676cf2ff41f3e3a4080311136a73e7c2a8a910ead8fddae795359c0dfaa92dc9943e2a693a
-
SSDEEP
12288:WRxe7tfIt4vzVUD7DAEXqyqQnSMey7SQZyXzF:WROvzyD7Duy5g8kjF
Malware Config
Extracted
xloader_apk
http://91.204.227.39:28844
Targets
-
-
Target
cf5b114ae032a4b25e388d2dfc32b3e7
-
Size
445KB
-
MD5
cf5b114ae032a4b25e388d2dfc32b3e7
-
SHA1
120020a30a124af03ec0aa9d96ba01a70442744a
-
SHA256
9f2aa63acc278a2d9f82d4536c2c9d5193d0e1a5ae92388d2ca891bba09c1377
-
SHA512
390aec64457793431ab046e992cc333bb5b25b6891d69491d46d58676cf2ff41f3e3a4080311136a73e7c2a8a910ead8fddae795359c0dfaa92dc9943e2a693a
-
SSDEEP
12288:WRxe7tfIt4vzVUD7DAEXqyqQnSMey7SQZyXzF:WROvzyD7Duy5g8kjF
Score10/10-
XLoader payload
-
XLoader, MoqHao
An Android banker and info stealer.
-
Removes its main activity from the application launcher
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Reads the contacts stored on the device.
-
Reads the content of the MMS message.
-
Acquires the wake lock
-
Reads information about phone network operator.
-