Overview

overview

10

Static

static

6

5dbb0b9087...52.apk

android-9-x86

10

Analysis

  • max time kernel
    179s
  • max time network
    138s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    03-08-2024 22:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5dbb0b90875c73558d20bbe97ac397287a39b7f4da0abc62299957d5927adc52.apk

  • Size

    444KB

  • MD5

    717617d613bad48442b153c65304bed8

  • SHA1

    0451585f5cbfd4fea12059550347e57b7658ff66

  • SHA256

    5dbb0b90875c73558d20bbe97ac397287a39b7f4da0abc62299957d5927adc52

  • SHA512

    c0d15d198d472a06321ad326ee284aa7f41c49afdf221c9a1f36fe060ee61c6db95c4c95f7c621be139c66062d03b0300319c1081c3ae0ecabb352b4884ada86

  • SSDEEP

    12288:N+z+wb76eqEia3tJMbodkRjHCtV9IhY4P433y3r76BPS0LZ18TfjwFL:N+PKeL+boeRjHcV9IhdY3sr76BPS5O

Score
10/10
xloader_apkbankercollectiondiscoveryevasioninfostealerpersistencestealthtrojan

Malware Config

Signatures

Processes

  • b.qqkzvo.fzvb
    1⤵
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Reads the content of the MMS message.
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:4255

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/b.qqkzvo.fzvb/files/d
    Filesize

    453KB

    MD5

    65c2bb906f9608c0ab195ce0cd8876ef

    SHA1

    bbd58179b12fa4f81d49c501cb52aebecb96e17c

    SHA256

    bcfc6d1052e2f6020364b197e49ce3e2ecbb16c046a170684af3388c917b27a4

    SHA512

    2732930e444d6678301b19e42de71fc23176923719738f8300d04557d52b07fc4942021550373d6558490fd3fa0f0235fa5fde823836af1228e1652511751e7e

    Download Submit

  • /data/data/b.qqkzvo.fzvb/files/oat/d.cur.prof
    Filesize

    788B

    MD5

    3f45db0f93bc1e82248d88a9e635fdc8

    SHA1

    6524cad09b447df5648f7fdbf16d5b77bc0180d4

    SHA256

    0f19ea5b1a6d240fafbf445d0679b61b36c872e3ea2d95d0f04e6e4201f764b2

    SHA512

    524123cc1f11c2b71e78cd26cf64d6f156ac6c70573e6cf156499bef3098b7646d649433961f82999014daf333c33a6327c485fefa16ac51d067586b1af7895c

    Download Submit