xamalicious | hxxps://apkvision[.]org/games/role-playing/stardew-valley-40176/

Analysis

max time kernel
121s
max time network
129s
platform
android-13_x64
resource
android-33-x64-arm64-20240910-en
resource tags

arch:arm64arch:x64arch:x86image:android-33-x64-arm64-20240910-enlocale:en-usos:android-13-x64system
submitted
07/03/2025, 07:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://apkvision.org/games/role-playing/stardew-valley-40176/

Score

10^/10

xamalicious infostealer spyware trojan

Malware Config

Signatures

Android Xamalicious payload 1 IoCs

resource	yara_rule
behavioral1/files/fstream-6.dat	family_xamalicious

Xamalicious
Xamalicious is an Android backdoor malware implemented with Xamarin framework first seen in December 2023.
trojan infostealer spyware xamalicious
Xamalicious family
xamalicious

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.chrome

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.chrome

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
PID:4418

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

files/dom-0.html

Filesize
337KB

MD5
b8aeb95fa0afed370b073ea321a6f888

SHA1
8b522acb6615f31ce074ba731d3557d6eae6aba2

SHA256
e1a372483954d46fdc39ee289600994a6346f65dbe1c54a5a61184dc53f1fd67

SHA512
7a393a7a39a0cd71d006fc2517da39ea03ab4aea564bf4db6db66bca35fb1ef7ac93f97bc5364756b5b57e82a2e914ce88f939e80e5ddd26f0d378d021e35eed

Download Submit
files/dom-1.html

Filesize
51KB

MD5
58f7a8fcfd65dad3a8fe89e5a3a7ce79

SHA1
1a9910ca5dab1f231eacfae9f0db522548f1971d

SHA256
204e2fe3cb0d21a10301b84d9dfd3a612473d6f5e02356e9a305a2e69ce5f1f1

SHA512
336509a694fed98f4a62a61d320065aae49483fba3f7abf45547106b4824c3661dc022422703b54a69de5fb6e6cc21920f8161f66072eb7074bac41648e668df

Download Submit
/storage/emulated/0/Download/.pending-1741937652-Stardew-Valley-v1.6.15.0-full-apkvision.apk

Filesize
30.4MB

MD5
1c611c86d13ce88f2f63d1973e10a304

SHA1
d5acad7a308890ce99438d567976f5664a0928b6

SHA256
fb3afd05ee3cdab28f55e0b835c85be6928383e03706ee42a2814a13a9e12294

SHA512
65572589310742ac1529a3c2f9958a1c33c6f185f1cfafc24a7f77b1649b5b7c4fe636be5dbcf80c6ff106088c8ed6b1e19b33b11d77b4d0e3e44b161801c697

Download Submit
/storage/emulated/0/Download/.pending-1741937652-Stardew-Valley-v1.6.15.0-full-apkvision.apk

Filesize
399.8MB

MD5
b4f1f8c16691e3af4ae566d123c44f2c

SHA1
70a8265ad5f0422a176689740a24f9b45418cee9

SHA256
57fbc2d02f08fbfff58f546eb1fc108091ca78a115e47045d8250032700bc6f3

SHA512
8c1b5286d91fe71052f91153e6950adaef443d83aa87141fdc2d2b8e876545fc951d52a40a8f1013b59a9bc09e1eedbd1f0866a4f7fbd706640adbb5b120f1f1

Download Submit
/storage/emulated/0/Download/.pending-1741937652-Stardew-Valley-v1.6.15.0-full-apkvision.apk (deleted)

Filesize
1.5MB

MD5
00488586f20c97ea6741c537b44e6439

SHA1
2564c347044fd7a1e5b3d81ee3ac55b78dcda254

SHA256
84b00d9dc5e283e1219046c73425caaaeac27b53a20c747ceba3b9182647ba65

SHA512
a63474512f1e0dabfab9cf9b3d189ab8636f80f3d513781c6fb55d29961c13fc88a10a93ccd7ee143826b16375381ff7d4038d64c32b59e00d83edea2b9b8cd3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads