General
Target: 11eb1c66ce2fb405f9ef3d0be024c63a483bc3fcd305a2a934f79dd1b1380410.bin
Size: 260KB
Sample: 241224-12mykaypeq
MD5: 614abba41eb22e1a1be4e895ebcea1db
SHA1: c799dd0fa2205b6638eb5a7276ce2ff87074c36b
SHA256: 11eb1c66ce2fb405f9ef3d0be024c63a483bc3fcd305a2a934f79dd1b1380410
SHA512: f89f00a8f8cf4983c8803cd2e3934c4e8dd0a1a0f77db1259d7fe5b4b12e3cf50e87996010399dcd6ac883bcd1ce79d5ebf5f59162a81ab04f8e6ca52b5f5f30
SSDEEP: 6144:O/WPyHSBsMZIxEA+zLFPH+YIXvv96/zbPeZz056KIxMMMs7HiQfSTG:OH8FZvLFPeYWviIr7HHf
Static task: static1
Behavioral task: behavioral1
Sample: 11eb1c66ce2fb405f9ef3d0be024c63a483bc3fcd305a2a934f79dd1b1380410.apk
Resource: android-x86-arm-20240624-en
Malware Config
Targets
Target: 11eb1c66ce2fb405f9ef3d0be024c63a483bc3fcd305a2a934f79dd1b1380410.bin
- XLoader payload
- Xloader_apk family
- Checks if the Android device is rooted.
- Queries the phone number (MSISDN for GSM devices)
- Reads the content of the MMS message.
- Acquires the wake lock
- Makes use of the framework's foreground persistence service: Application may abuse the framework's foreground service to continue running in the foreground.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
MITRE ATT&CK Mobile v15
Persistence
- Event Triggered Execution (1)
  - Broadcast Receivers (1)
- Foreground Persistence (1)
Defense Evasion
- Download New Code at Runtime (1)
- Foreground Persistence (1)
- Hide Artifacts (2)
  - Suppress Application Icon (1)
  - User Evasion (1)
- Virtualization/Sandbox Evasion (1)
  - System Checks (1)