xloader_apk | 8d43daddf4ac85a99816078ad3a04a4e658f6d48d2ce21d76ec156f455a42b84 | Triage

Submit
Reports

Overview

overview

Static

static

6

d6f54ced91...8b.apk

android-9-x86

Sharing

General

Target

d6f54ced913717993181cd5aaaf8998b
Size

445KB
Sample

240319-yd9fjsdd72
MD5

d6f54ced913717993181cd5aaaf8998b
SHA1

8e0d0bf3cd855b1878838ddba52f77e04a8e4afc
SHA256

8d43daddf4ac85a99816078ad3a04a4e658f6d48d2ce21d76ec156f455a42b84
SHA512

597e0c34159a6f31112783dae5a80f47785b83abb43e9e13b2e148da97a16911446683c4c7edd922cbc8ee6827f0e02fbb13c92a8695ba4ab8f78ece7e0404d2
SSDEEP

12288:Ma4923l1BtD7DAEXqyqQnSMey7SQZyOUr:Md2dtD7Duy5g8kOUr

Score

10^/10

xloader_apk android banker collection discovery evasion infostealer stealth trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d6f54ced913717993181cd5aaaf8998b.apk

Resource

android-x86-arm-20240221-en

xloader_apk banker collection discovery evasion infostealer stealth trojan

android-9-x86

9 signatures

150 seconds

Malware Config

Extracted

Family

xloader_apk

C2

http://91.204.227.39:28844

DES_key

Targets

- Target
  
  d6f54ced913717993181cd5aaaf8998b
- Size
  
  445KB
- MD5
  
  d6f54ced913717993181cd5aaaf8998b
- SHA1
  
  8e0d0bf3cd855b1878838ddba52f77e04a8e4afc
- SHA256
  
  8d43daddf4ac85a99816078ad3a04a4e658f6d48d2ce21d76ec156f455a42b84
- SHA512
  
  597e0c34159a6f31112783dae5a80f47785b83abb43e9e13b2e148da97a16911446683c4c7edd922cbc8ee6827f0e02fbb13c92a8695ba4ab8f78ece7e0404d2
- SSDEEP
  
  12288:Ma4923l1BtD7DAEXqyqQnSMey7SQZyOUr:Md2dtD7Duy5g8kOUr
Score

10^/10

xloader_apk banker collection discovery evasion infostealer stealth trojan
- XLoader payload
- XLoader, MoqHao
  An Android banker and info stealer.
  trojan infostealer banker xloader_apk
- Removes its main activity from the application launcher
  stealth trojan evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Reads the contacts stored on the device.
  collection
- Reads the content of the MMS message.
  collection
- Acquires the wake lock
- Reads information about phone network operator.
  discovery
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xloader_apkbankercollectiondiscoveryevasioninfostealerstealthtrojan

© 2018-2024

Terms | Privacy