General
-
Target
a7e1a12eb27b3ee2209dffa1a59f58c8_JaffaCakes118
-
Size
444KB
-
Sample
240403-1zsq2aec2t
-
MD5
a7e1a12eb27b3ee2209dffa1a59f58c8
-
SHA1
bff82146d55983003e8da6b77a5bd8eee898ed72
-
SHA256
c92a7d2f90ed8bdc73a7ed3fef7bb98cc86b875a939c2b5d2b01ca6db71f98d8
-
SHA512
bdbbfbcb8a2744066026f0718bdb961a22f6e86b52cfb9e34368bfc7b95e3f07e4755e860c82f1a743223b82b1743c23ed6693f5ef3553f2955bbe270284f1f2
-
SSDEEP
12288:tf51spL11E3VShd+qr1svgrruWUwSkOLreoWfT:tf5sJ1iVS/fr1ugryWUwSkOXeoWL
Malware Config
Targets
-
-
Target
a7e1a12eb27b3ee2209dffa1a59f58c8_JaffaCakes118
-
Size
444KB
-
MD5
a7e1a12eb27b3ee2209dffa1a59f58c8
-
SHA1
bff82146d55983003e8da6b77a5bd8eee898ed72
-
SHA256
c92a7d2f90ed8bdc73a7ed3fef7bb98cc86b875a939c2b5d2b01ca6db71f98d8
-
SHA512
bdbbfbcb8a2744066026f0718bdb961a22f6e86b52cfb9e34368bfc7b95e3f07e4755e860c82f1a743223b82b1743c23ed6693f5ef3553f2955bbe270284f1f2
-
SSDEEP
12288:tf51spL11E3VShd+qr1svgrruWUwSkOLreoWfT:tf5sJ1iVS/fr1ugryWUwSkOXeoWL
Score10/10-
XLoader payload
-
XLoader, MoqHao
An Android banker and info stealer.
-
Removes its main activity from the application launcher
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Reads the content of the MMS message.
-
Acquires the wake lock
-