xloader_apk | 8c0dfda74dce3141fce8121977585eaf1928ae0d2adfbe7306e894ab27a7c6df | Triage

Sharing

General

Target

8c0dfda74dce3141fce8121977585eaf1928ae0d2adfbe7306e894ab27a7c6df.bin
Size

432KB
Sample

240612-2w8thsxgkl
MD5

c83a035cfd5385f9ad5d8501dbeda502
SHA1

45e51d246eaf55511fb940f7b9d5833b670b22fe
SHA256

8c0dfda74dce3141fce8121977585eaf1928ae0d2adfbe7306e894ab27a7c6df
SHA512

f8c676e24c88feb82e06a0a303691cd2146693f685f78e20c8847cf76234d52ea7ca34f33bb3bc3a751da48bf9d8ded4f3e83ead66a0af6fb66775f9a03d3808
SSDEEP

6144:0PH9Drn/kyN7bSIaQYiSWTql6+iK6edDusVeDaOJ3CBtKXyFju92/HAjjcJ1ttTF:69fnZN7YAcWyysVeDaNju9+HkAbtT4qh

Score

10^/10

xloader_apk android banker evasion infostealer trojan

Malware Config

Targets

- Target
  
  8c0dfda74dce3141fce8121977585eaf1928ae0d2adfbe7306e894ab27a7c6df.bin
- Size
  
  432KB
- MD5
  
  c83a035cfd5385f9ad5d8501dbeda502
- SHA1
  
  45e51d246eaf55511fb940f7b9d5833b670b22fe
- SHA256
  
  8c0dfda74dce3141fce8121977585eaf1928ae0d2adfbe7306e894ab27a7c6df
- SHA512
  
  f8c676e24c88feb82e06a0a303691cd2146693f685f78e20c8847cf76234d52ea7ca34f33bb3bc3a751da48bf9d8ded4f3e83ead66a0af6fb66775f9a03d3808
- SSDEEP
  
  6144:0PH9Drn/kyN7bSIaQYiSWTql6+iK6edDusVeDaOJ3CBtKXyFju92/HAjjcJ1ttTF:69fnZN7YAcWyysVeDaNju9+HkAbtT4qh
Score

10^/10

xloader_apk banker evasion infostealer trojan
- XLoader payload
- XLoader, MoqHao
  An Android banker and info stealer.
  trojan infostealer banker xloader_apk
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

xloader_apkbankerevasioninfostealertrojan