General
-
Target
7be196df227488c343fb42cfe03d4d07f64f7258b5bf5817c3dfec43c84f3f7c.bin
-
Size
205KB
-
Sample
240417-1zkenaff56
-
MD5
de2adb5a6bf51ee31b68c8308a28e584
-
SHA1
0d422dfe59ff20938decf321d4689985e680e679
-
SHA256
7be196df227488c343fb42cfe03d4d07f64f7258b5bf5817c3dfec43c84f3f7c
-
SHA512
ef207f97c65e13a34e76cf4be5bdee7eefa1ad01756eae2448a36a9519401e12af0d48f07efeba2a75edca5c60555d071590abc25b9c450cc3441b44acc19183
-
SSDEEP
3072:04PB8nq7ezdpWXfcse2zsLiaCLCfTgpi/kmL6cOAbYdq8tZAFiuVuJ9mLwTx:04Z8qSzVskiaCL9i/kW6b1tKFLVuJkmx
Static task
static1
Behavioral task
behavioral1
Sample
7be196df227488c343fb42cfe03d4d07f64f7258b5bf5817c3dfec43c84f3f7c.apk
Resource
android-x86-arm-20240221-en
Behavioral task
behavioral2
Sample
7be196df227488c343fb42cfe03d4d07f64f7258b5bf5817c3dfec43c84f3f7c.apk
Resource
android-x64-20240221-en
Behavioral task
behavioral3
Sample
7be196df227488c343fb42cfe03d4d07f64f7258b5bf5817c3dfec43c84f3f7c.apk
Resource
android-x64-arm64-20240221-en
Malware Config
Extracted
xloader_apk
http://91.204.227.39:28844
Targets
-
-
Target
7be196df227488c343fb42cfe03d4d07f64f7258b5bf5817c3dfec43c84f3f7c.bin
-
XLoader payload
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries account information for other applications stored on the device.
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Acquires the wake lock
-
Queries the unique device ID (IMEI, MEID, IMSI)
-