General
-
Target
d120bd9b73ea7cc5bff0648ef9f15116
-
Size
445KB
-
Sample
240317-r1c8asha7w
-
MD5
d120bd9b73ea7cc5bff0648ef9f15116
-
SHA1
251ab5f8aa09497ee9e893521055a72678887cbf
-
SHA256
ab857862a181beaabb52da98ccc504253a38ad8c1515cae5614c9243ab43a06e
-
SHA512
9ec8bd2820e9495e83f22949225192723cf021834975dd58d71b3ea8a4b14239386efedd5cf115da19febd99c91646376c1fecd84987a1d05fdf63b2e3b6cf8e
-
SSDEEP
12288:Dg5JKeJ5r67ru/D7DAEXqyqQnSMey7SQZya:DgzNJQ+/D7Duy5g8ka
Malware Config
Extracted
xloader_apk
http://91.204.227.39:28844
Targets
-
-
Target
d120bd9b73ea7cc5bff0648ef9f15116
-
Size
445KB
-
MD5
d120bd9b73ea7cc5bff0648ef9f15116
-
SHA1
251ab5f8aa09497ee9e893521055a72678887cbf
-
SHA256
ab857862a181beaabb52da98ccc504253a38ad8c1515cae5614c9243ab43a06e
-
SHA512
9ec8bd2820e9495e83f22949225192723cf021834975dd58d71b3ea8a4b14239386efedd5cf115da19febd99c91646376c1fecd84987a1d05fdf63b2e3b6cf8e
-
SSDEEP
12288:Dg5JKeJ5r67ru/D7DAEXqyqQnSMey7SQZya:DgzNJQ+/D7Duy5g8ka
Score10/10-
XLoader payload
-
XLoader, MoqHao
An Android banker and info stealer.
-
Removes its main activity from the application launcher
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Reads the contacts stored on the device.
-
Reads the content of the MMS message.
-
Acquires the wake lock
-
Reads information about phone network operator.
-