General
-
Target
2df6335a074a17b6fc685eebbf8cc036acf152b2e63b918ae221dcdf0e0346f3.bin
-
Size
436KB
-
Sample
240612-15mrzasepd
-
MD5
1868d729f483d777737b8289e0c59bca
-
SHA1
750e17a1af01dd2070fc47d0a2bc640f8d2cef7f
-
SHA256
2df6335a074a17b6fc685eebbf8cc036acf152b2e63b918ae221dcdf0e0346f3
-
SHA512
431e84e564bb8a5b3cdfc9218b475a18d4314dd6d32338427b0f663ad262d55222f6832aed7c9671085ff16ceea18ea2ff2b4e36065b4ee68d3574cb789f8c2b
-
SSDEEP
12288:YASErcqs13T0ERAcWyysVeDaNju9+HkAbtT4qw:zXrcqsFvvys7udAba
Static task
static1
Behavioral task
behavioral1
Sample
2df6335a074a17b6fc685eebbf8cc036acf152b2e63b918ae221dcdf0e0346f3.apk
Resource
android-x86-arm-20240611.1-en
Malware Config
Extracted
xloader_apk
http://91.204.227.50:28899
Targets
-
-
Target
2df6335a074a17b6fc685eebbf8cc036acf152b2e63b918ae221dcdf0e0346f3.bin
-
Size
436KB
-
MD5
1868d729f483d777737b8289e0c59bca
-
SHA1
750e17a1af01dd2070fc47d0a2bc640f8d2cef7f
-
SHA256
2df6335a074a17b6fc685eebbf8cc036acf152b2e63b918ae221dcdf0e0346f3
-
SHA512
431e84e564bb8a5b3cdfc9218b475a18d4314dd6d32338427b0f663ad262d55222f6832aed7c9671085ff16ceea18ea2ff2b4e36065b4ee68d3574cb789f8c2b
-
SSDEEP
12288:YASErcqs13T0ERAcWyysVeDaNju9+HkAbtT4qw:zXrcqsFvvys7udAba
-
XLoader payload
-
Checks if the Android device is rooted.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Checks the presence of a debugger
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Hide Artifacts
2Suppress Application Icon
1User Evasion
1Virtualization/Sandbox Evasion
1System Checks
1