Overview

overview

10

Static

static

6

83840979fc...ff.apk

android-9-x86

10

83840979fc...ff.apk

android-10-x64

10

83840979fc...ff.apk

android-11-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    android-11_x64
  • resource
    android-x64-arm64-20240910-en
  • submitted
    05-01-2025 22:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    83840979fc33672b7485997eb6d05d05394b1c444490d3887d6f80416cd9f0ff.apk

  • Size

    305KB

  • MD5

    54b1a1a9e2ba31c5a14185d1da28b84c

  • SHA1

    33a1be6f4459b84f2719c76ab15cb99f7cc8e783

  • SHA256

    83840979fc33672b7485997eb6d05d05394b1c444490d3887d6f80416cd9f0ff

  • SHA512

    c10c9181bcedccc8e66ceaa33c619543c97b253c7e9cf03296347465f942e4259102a7ce1932316d17e1c997734199c77b96cf3ab138f0b730f25a920703d59d

  • SSDEEP

    6144:wsONyeKf/SNBee3aeJXeqCKYtPVwmqNscZlCbeVyxCdxCa:wzxKf/STeeqe0KY5qKxhkB

Score
10/10
xloader_apkbankercollectiondefense_evasiondiscoveryevasionimpactinfostealerpersistencestealthtrojan

Malware Config

Extracted

Family

xloader_apk

C2

http://1.171.162.250:33669/user_info_uploader

https://docs.google.com/document/d/1s0n64k12_r9MglT5m9lr63M5F3e-xRyaMeYP7rdOTrA/mobilebasic
Attributes
  • user_agent

    Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36

    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36

Signatures

Processes

  • gyys.ue.tp
    1⤵
    • Checks if the Android device is rooted.
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Reads the content of the MMS message.
    • Acquires the wake lock
    • Makes use of the framework's foreground persistence service
    • Requests changing the default SMS application.
    PID:4866

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/gyys.ue.tp/files/dex
    Filesize

    580KB

    MD5

    ed9219be2761d62f01f05dee71f02df3

    SHA1

    c2b904961f519a66052c04d444b34ef4c3f00e67

    SHA256

    b8f6a3769331039a5f2dc29eba3adc431a7b086d47ec579cd143da11f137f13d

    SHA512

    420dc0fa4e231a66fa5c26fbd7952f574aa24aec62ecdf387dd376e98dac93cbea493785d67a030bd6d6745b00c7f3b14b693f906124ee6438b6a227d682f8bd

    Download Submit