XLoader

XLoader is a malicious Android app that was observed targeting Japan, Korea, China, Taiwan, and Hong Kong in 2018. [1]

ID: S0318
Aliases: XLoader
Type: MALWARE
Platforms: Android

Version: 1.1

Alias Descriptions

NameDescription
XLoader[1]

Techniques Used

DomainIDNameUse
MobileT1401Abuse Device Administrator Access to Prevent RemovalXLoader requests Android Device Administrator access.[1]
MobileT1412Capture SMS MessagesXLoader collects SMS messages.[1]
MobileT1429Microphone or Camera RecordingsXLoader covertly records phone calls.[1]
MobileT1406Obfuscated or Encrypted PayloadXLoader loads an encrypted DEX code payload.[1]

References