General
-
Target
68c746d2e233ccece76d055a45219404b6451a0109d8041ed57119fd0b9228ec.bin
-
Size
408KB
-
Sample
240803-13mzysxbml
-
MD5
72830435674df14f44054758b5310b0f
-
SHA1
1e20534e68cac66c47c32c7f7b49c62302d1609f
-
SHA256
68c746d2e233ccece76d055a45219404b6451a0109d8041ed57119fd0b9228ec
-
SHA512
9855b3b97997e41b5656fe49270225030f7fcb44ac34306115ea374fccd0ed8c5d8557c118a973ddc1db494b64fc75cc0da1056a74a4d952a2e2e254142eec90
-
SSDEEP
12288:dDNUHiiQDhu0vUEbqmEYxi8fJyvb56loO:x+HiiQFvUE+JLUMvb5DO
Static task
static1
Behavioral task
behavioral1
Sample
68c746d2e233ccece76d055a45219404b6451a0109d8041ed57119fd0b9228ec.apk
Resource
android-x86-arm-20240624-en
Malware Config
Extracted
xloader_apk
http://91.204.227.50:28899
Targets
-
-
Target
68c746d2e233ccece76d055a45219404b6451a0109d8041ed57119fd0b9228ec.bin
-
XLoader payload
-
Checks if the Android device is rooted.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Reads information about the phone's network operator.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-