Overview

overview

10

Static

static

6

df3538de6a...7a.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    df3538de6a20c43301a4e1f44429747a

  • Size

    445KB

  • Sample

    240326-p3vh9aaf59

  • MD5

    df3538de6a20c43301a4e1f44429747a

  • SHA1

    3a3d0803f9f6999a1402ff469b1aa73c1ba066ea

  • SHA256

    e20059f5685a7cfe981447f4dad6f42a35d5b545622b0949a060af7742efe0d9

  • SHA512

    53d7737ab2d6c9fe06a754b061334526f8a1028ab06807afeb1e1652fe7b9ada8dd9cba34b3709e7dacfc0fb81f8ecb0fd5a64d659672d7d82a78af312239d8f

  • SSDEEP

    12288:gZu/w81UwnZDbu/D7DAEXqyqQnSMey7SQZyB:3/w81LZDK/D7Duy5g8kB

Score
10/10
xloader_apkandroidbankercollectiondiscoveryevasioninfostealerpersistencestealthtrojan

Malware Config

Extracted

Family

xloader_apk

C2

http://91.204.227.39:28844

DES_key

Targets

    • Target

      df3538de6a20c43301a4e1f44429747a

    • Size

      445KB

    • MD5

      df3538de6a20c43301a4e1f44429747a

    • SHA1

      3a3d0803f9f6999a1402ff469b1aa73c1ba066ea

    • SHA256

      e20059f5685a7cfe981447f4dad6f42a35d5b545622b0949a060af7742efe0d9

    • SHA512

      53d7737ab2d6c9fe06a754b061334526f8a1028ab06807afeb1e1652fe7b9ada8dd9cba34b3709e7dacfc0fb81f8ecb0fd5a64d659672d7d82a78af312239d8f

    • SSDEEP

      12288:gZu/w81UwnZDbu/D7DAEXqyqQnSMey7SQZyB:3/w81LZDK/D7Duy5g8kB

    Score
    10/10
    xloader_apkbankercollectiondiscoveryevasioninfostealerpersistencestealthtrojan

    • XLoader payload

    • XLoader, MoqHao

      An Android banker and info stealer.

      trojaninfostealerbankerxloader_apk

    • Removes its main activity from the application launcher

      stealthtrojanevasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

      evasion

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Reads the contacts stored on the device.

      collection

    • Reads the content of the MMS message.

      collection

    • Acquires the wake lock

    • Reads information about phone network operator.

      discovery
    behavioral1

MITRE ATT&CK Matrix

Tasks