General
-
Target
36a09f8ea330676ffe548123d91d8569f1cea795655b90cf999282795acade5f.bin
-
Size
412KB
-
Sample
240627-1xdt4awcmj
-
MD5
a33225fcf2f5b4e9501259cad921134b
-
SHA1
2c46405a75f6b8808be3039ea92e7db32aae90c3
-
SHA256
36a09f8ea330676ffe548123d91d8569f1cea795655b90cf999282795acade5f
-
SHA512
62a0d269a22fcceb964e44efbb948d348601ba7e4148f8cc20dca857d98526a5766eac5027a794e7e302ed7a142de07fb688ffefce84d8daafc98a4caf365472
-
SSDEEP
6144:LRAkWAlis7Bougy2TByQDz3a12UH/aiNBkcnOxH2R30vUEbObpm8jYJAwuJ:LqDNUHiiQDhu0vUEbqmEYxQ
Static task
static1
Behavioral task
behavioral1
Sample
36a09f8ea330676ffe548123d91d8569f1cea795655b90cf999282795acade5f.apk
Resource
android-x86-arm-20240624-en
Malware Config
Extracted
xloader_apk
http://91.204.227.50:28899
Targets
-
-
Target
36a09f8ea330676ffe548123d91d8569f1cea795655b90cf999282795acade5f.bin
-
Size
412KB
-
MD5
a33225fcf2f5b4e9501259cad921134b
-
SHA1
2c46405a75f6b8808be3039ea92e7db32aae90c3
-
SHA256
36a09f8ea330676ffe548123d91d8569f1cea795655b90cf999282795acade5f
-
SHA512
62a0d269a22fcceb964e44efbb948d348601ba7e4148f8cc20dca857d98526a5766eac5027a794e7e302ed7a142de07fb688ffefce84d8daafc98a4caf365472
-
SSDEEP
6144:LRAkWAlis7Bougy2TByQDz3a12UH/aiNBkcnOxH2R30vUEbObpm8jYJAwuJ:LqDNUHiiQDhu0vUEbqmEYxQ
-
XLoader payload
-
Checks if the Android device is rooted.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Reads information about phone network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-