Overview

overview

10

Static

static

6

23ec799296...08.apk

android-9-x86

10

23ec799296...08.apk

android-10-x64

10

23ec799296...08.apk

android-11-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64arch:x86image:android-x64-20240910-enlocale:en-usos:android-10-x64system
  • submitted
    07-11-2024 22:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    23ec79929686591f11c52d6dadaa3ddac095de5bf8b3b81b6762711b13bc5708.apk

  • Size

    302KB

  • MD5

    2dcacbc7b8d0c67eefb424ec6ab30fde

  • SHA1

    072ca7cf8dbcc28fd5baae6d9235724f9aa886cd

  • SHA256

    23ec79929686591f11c52d6dadaa3ddac095de5bf8b3b81b6762711b13bc5708

  • SHA512

    a186f848b254570e288ca2b696e5d3d6d46e30fb3e98329630faf0afb06ce5049b68e57eabf5c99887dd7c8233808c760ab93b13bbe8af11aba9615be36ff78c

  • SSDEEP

    6144:nhkvYJrP4LPlwj6NuxMkkZDyUM0rwiyyKxnYA5Gdri3+NCtJMN6RKwmGrow:tJL4LmjPxCD3M0rwiyxxn6DNCfMEQwpD

Score
10/10
xloader_apkbankercollectiondiscoveryevasioninfostealerpersistencestealthtrojan

Malware Config

Signatures

Processes

  • pole.nmxln.asukh
    1⤵
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Reads the content of the MMS message.
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:5135

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/pole.nmxln.asukh/files/dex
    Filesize

    580KB

    MD5

    8c7542abcfd5e2c08e99555d8d0bc605

    SHA1

    5f40007a5343603be18a1ce3c39ce43604099be5

    SHA256

    0cd2b17aa21cd8de63842da21e3464df7bb2bd4a278fffbbfea6b294c3ca9e6d

    SHA512

    362c7dd23aa52a9c72e9d90eebb99e1d4e4cd01b68348249bbeee4bb407728aabd30874488926635bacb2e1d640ad4e95852e345afa8ad66057c80c8f768ed88

    Download Submit

  • /data/data/pole.nmxln.asukh/files/oat/dex.cur.prof
    Filesize

    798B

    MD5

    01013f9a261f157e80e7e31f76b29776

    SHA1

    3613aef240ad61aa1c23e17721f6d4a2ed6c72df

    SHA256

    378616798098abf058cfd54d8d1c6c0a067624a68bd250af3d269b8c339e2ba2

    SHA512

    fd1b1b78449805c7871f02da51f311715948d846a950949bad2845e32d7748cd17732b33c1c508ba7de43058b6fbc51de9a4404a39b6f79846c5190e674bb666

    Download Submit