Overview

overview

10

Static

static

6

d1d07a1f4b...a6.apk

android-9-x86

10

d1d07a1f4b...a6.apk

android-10-x64

10

d1d07a1f4b...a6.apk

android-11-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • resource tags

    arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
  • submitted
    08-09-2024 22:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d1d07a1f4be2b3d295d1ddddcbb8e3fdd49adca9a38c6361e472f90d611571a6.apk

  • Size

    218KB

  • MD5

    b937161dc5243d57b7a732c758847b38

  • SHA1

    df4a205d7865f4b1f7087cc5787c47c550c68a35

  • SHA256

    d1d07a1f4be2b3d295d1ddddcbb8e3fdd49adca9a38c6361e472f90d611571a6

  • SHA512

    30bd5ede63f7130cfc4524209622a83b6e09303a0964b00f2b6718e3b6487e69b0a74fbb524b6596f3c4d0b717d445719d548fc4de774b7ead5bc487de59e7dd

  • SSDEEP

    6144:VW64a1GDZEdyTA1HkeI8oW5FCmlGhrRQDT+2:VGaG/MVkeJ5cmiAT+2

Score
10/10
xloader_apkbankercollectiondiscoveryevasionimpactinfostealerpersistencestealthtrojan

Malware Config

Extracted

Family

xloader_apk

C2

http://91.204.227.39:28844

DES_key

Signatures

Processes

  • mmxh.lwgtj.dozzm
    1⤵
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Reads the content of the MMS message.
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Requests changing the default SMS application.
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4779

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/mmxh.lwgtj.dozzm/files/dex
    Filesize

    456KB

    MD5

    c5654523e4899cf11630fe902e74b494

    SHA1

    d51781ac831b0442d5aaa8fb801d664f0daeb1c4

    SHA256

    fd7e515d5732df7cc5632a8411671fdad79815c7df963ef68f728398c8c8db31

    SHA512

    19e1fdb04673dec606e0376b0ffb4e32bd12d37cf50d22815c114ccc2a76824b114835ef858e0fbc84d89dc6be1e1951be047e24521771c05d6ce43fac137bdb

    Download Submit