xloader_apk | dc2c8a143099b03f2de31b05cf02a7dc68e88b330c8f5a7f9536c69963293380 | Triage

Submit
Reports

Overview

overview

Static

static

6

be19ba6e62...18.apk

android-9-x86

Sharing

General

Target

be19ba6e627b0cb5a1e4acb7c725a240_JaffaCakes118
Size

444KB
Sample

240404-vsvzxsdc9s
MD5

be19ba6e627b0cb5a1e4acb7c725a240
SHA1

5f4b437ce703ad85ec0d52a83a8f96c2f9491c29
SHA256

dc2c8a143099b03f2de31b05cf02a7dc68e88b330c8f5a7f9536c69963293380
SHA512

89b376176d63554c620fc42195cd03dbdcf371351fde90bf4ccfb6f2362373d8cf283190b67b0d3e8f3fb1604955749f779ba8fd47473f23b8e81bccd82ba663
SSDEEP

12288:wbVQmt51spL11E3VShd+qr1svgrruW/a/xDRQqtGlU:w5QI5sJ1iVS/fr1ugryWmR9Qm

Score

10^/10

xloader_apk android banker collection evasion infostealer persistence stealth trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

be19ba6e627b0cb5a1e4acb7c725a240_JaffaCakes118.apk

Resource

android-x86-arm-20240221-en

xloader_apk banker collection evasion infostealer persistence stealth trojan

android-9-x86

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  be19ba6e627b0cb5a1e4acb7c725a240_JaffaCakes118
- Size
  
  444KB
- MD5
  
  be19ba6e627b0cb5a1e4acb7c725a240
- SHA1
  
  5f4b437ce703ad85ec0d52a83a8f96c2f9491c29
- SHA256
  
  dc2c8a143099b03f2de31b05cf02a7dc68e88b330c8f5a7f9536c69963293380
- SHA512
  
  89b376176d63554c620fc42195cd03dbdcf371351fde90bf4ccfb6f2362373d8cf283190b67b0d3e8f3fb1604955749f779ba8fd47473f23b8e81bccd82ba663
- SSDEEP
  
  12288:wbVQmt51spL11E3VShd+qr1svgrruW/a/xDRQqtGlU:w5QI5sJ1iVS/fr1ugryWmR9Qm
Score

10^/10

xloader_apk banker collection evasion infostealer persistence stealth trojan
- XLoader payload
- XLoader, MoqHao
  An Android banker and info stealer.
  trojan infostealer banker xloader_apk
- Removes its main activity from the application launcher
  stealth trojan evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Reads the content of the MMS message.
  collection
- Acquires the wake lock
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

xloader_apkbankercollectionevasioninfostealerpersistencestealthtrojan

© 2018-2024

Terms | Privacy