Overview

overview

10

Static

static

6

f6afcfb0a1...aa.apk

android-9-x86

10

Analysis

  • max time kernel
    179s
  • max time network
    174s
  • platform
    android_x86
  • resource
    android-x86-arm-20240624-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
  • submitted
    20/08/2024, 22:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f6afcfb0a13ef799dedb9db6429cf0ff6a7c8dae0b741984a88310ff5a8178aa.apk

  • Size

    440KB

  • MD5

    6d74f35d83565c66bd618df1ad0faeb8

  • SHA1

    4790201055d5a8102840bc54c354a9eab2128a92

  • SHA256

    f6afcfb0a13ef799dedb9db6429cf0ff6a7c8dae0b741984a88310ff5a8178aa

  • SHA512

    fe43059bb9ed3503651e691a3f2c6793243a06eebefbd4c32445a863bb3cd01b5af2639bb669f13007d3106f87d2710b5bed21300552f3626d3ef4e371780302

  • SSDEEP

    12288:4uWWrJbiHZYomRfdWlXppDcezvLt7xiBpJg8snJcdV:19cZYomSlXoezvLtN1xJcD

Score
10/10
xloader_apkbankercollectiondiscoveryevasionimpactinfostealerpersistencestealthtrojan

Malware Config

Extracted

Family

xloader_apk

C2

http://91.204.227.39:28844

DES_key

Signatures

Processes

  • t.uuepog.zgfh
    1⤵
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Reads the content of the MMS message.
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Requests changing the default SMS application.
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4247

Network

        MITRE ATT&CK Mobile v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/data/t.uuepog.zgfh/files/d
          Filesize

          454KB

          MD5

          70981e80e0fc7d5b58e1e133839e0bcd

          SHA1

          bbd65ce41ca1f65e1646ce902dde824302f7714c

          SHA256

          123d3d05df04c183259f36c78419f0ac8f1e1179e0135611203f11a4f7e16040

          SHA512

          7ab08ee27bfc747dc59ef95ccc0abc60f95e11e921a99b53ffd68aba9321679cdf5c7fa4ad23c738cab2191a06827e9471ab206a1e80d57eaa731fc319e0010c

          Download Submit

        • /data/data/t.uuepog.zgfh/files/oat/d.cur.prof
          Filesize

          891B

          MD5

          ed6ed7e62aaa1004ed24c8eb85dd81c6

          SHA1

          7a1dfa1734d36ce40a1732f06b35852ae11fa448

          SHA256

          9660639d9affdb8b146d39de001154efc07290ef001da6a13d27f4019e6936f8

          SHA512

          f093c7b1ba12839e4489f0bc7866012a3da8fda14c7b0bcd037b8a64f788e29bd9dbbb287126f3c5edf40c3ab315fbadd6cf7f4080396fd93cd704c71aa5f749

          Download Submit