General
-
Target
0dee532f779cfb6235402e8eb523557fdc579092aeabd3806d1bd15f58fd02af.bin
-
Size
207KB
-
Sample
241113-12fjgszkcs
-
MD5
2a28fa547a3ac61abf972ede947a80b4
-
SHA1
07dd2d2e848ad5c6bb0e692ed0b5410a9ad78437
-
SHA256
0dee532f779cfb6235402e8eb523557fdc579092aeabd3806d1bd15f58fd02af
-
SHA512
04c7f0276147c5ebe9de7e282163505a73979f60186f64a464f3bb7305c2b7cec228ad7d6fbc527e24ae444d2adb72702ee185942c8f18adedc7322c62864ef9
-
SSDEEP
6144:UnRmboFI5jHtudZwwp0Zr66q2xMjucitni1:R5jHtAwwp0bq2oJ1
Static task
static1
Behavioral task
behavioral1
Sample
0dee532f779cfb6235402e8eb523557fdc579092aeabd3806d1bd15f58fd02af.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
0dee532f779cfb6235402e8eb523557fdc579092aeabd3806d1bd15f58fd02af.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
0dee532f779cfb6235402e8eb523557fdc579092aeabd3806d1bd15f58fd02af.apk
Resource
android-x64-arm64-20240910-en
Malware Config
Targets
-
-
Target
0dee532f779cfb6235402e8eb523557fdc579092aeabd3806d1bd15f58fd02af.bin
-
Size
207KB
-
MD5
2a28fa547a3ac61abf972ede947a80b4
-
SHA1
07dd2d2e848ad5c6bb0e692ed0b5410a9ad78437
-
SHA256
0dee532f779cfb6235402e8eb523557fdc579092aeabd3806d1bd15f58fd02af
-
SHA512
04c7f0276147c5ebe9de7e282163505a73979f60186f64a464f3bb7305c2b7cec228ad7d6fbc527e24ae444d2adb72702ee185942c8f18adedc7322c62864ef9
-
SSDEEP
6144:UnRmboFI5jHtudZwwp0Zr66q2xMjucitni1:R5jHtAwwp0bq2oJ1
-
XLoader payload
-
Xloader_apk family
-
Checks if the Android device is rooted.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the content of the MMS message.
-
Acquires the wake lock
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Requests changing the default SMS application.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution
1Broadcast Receivers
1Foreground Persistence
1Defense Evasion
Download New Code at Runtime
1Foreground Persistence
1Hide Artifacts
1Suppress Application Icon
1