SYMBOLCOMMON_NAMEaka. SYNONYMS
apk.xenomorph (Back to overview)

Xenomorph

Xenomorph is a Android Banking RAT developed by the Hadoken.Security actor.

References
2023-03-10ThreatFabricThreatFabric
@online{threatfabric:20230310:xenomorph:d4e3757, author = {ThreatFabric}, title = {{Xenomorph v3: a new variant with ATS targeting more than 400 institutions}}, date = {2023-03-10}, organization = {ThreatFabric}, url = {https://www.threatfabric.com/blogs/xenomorph-v3-new-variant-with-ats.html}, language = {English}, urldate = {2023-03-13} } Xenomorph v3: a new variant with ATS targeting more than 400 institutions
Xenomorph
2022-12-08ThreatFabricThreatFabric
@online{threatfabric:20221208:zombinder:e82734d, author = {ThreatFabric}, title = {{Zombinder: new obfuscation service used by Ermac, now distributed next to desktop stealers}}, date = {2022-12-08}, organization = {ThreatFabric}, url = {https://www.threatfabric.com/blogs/zombinder-ermac-and-desktop-stealers.html}, language = {English}, urldate = {2022-12-08} } Zombinder: new obfuscation service used by Ermac, now distributed next to desktop stealers
ERMAC Xenomorph
2022-11-10ZscalerThreatLabZ research team
@online{team:20221110:rise:aebb475, author = {ThreatLabZ research team}, title = {{Rise of Banking Trojan Dropper in Google Play}}, date = {2022-11-10}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/rise-banking-trojan-dropper-google-play-0}, language = {English}, urldate = {2022-12-01} } Rise of Banking Trojan Dropper in Google Play
Xenomorph
2022-08-16ThreatFabricThreatFabric
@online{threatfabric:20220816:bugdrop:1babd7a, author = {ThreatFabric}, title = {{BugDrop: the first malware trying to circumvent Google's security Controls}}, date = {2022-08-16}, organization = {ThreatFabric}, url = {https://www.threatfabric.com/blogs/bugdrop-new-dropper-bypassing-google-security-measures.html}, language = {English}, urldate = {2022-12-08} } BugDrop: the first malware trying to circumvent Google's security Controls
Xenomorph
2022-06-27Medium (Cryptax)Axelle Apvrille
@online{apvrille:20220627:unpacking:1b11605, author = {Axelle Apvrille}, title = {{Unpacking a JsonPacker-packed sample}}, date = {2022-06-27}, organization = {Medium (Cryptax)}, url = {https://cryptax.medium.com/unpacking-a-jsonpacker-packed-sample-4038e12119f5}, language = {English}, urldate = {2022-08-15} } Unpacking a JsonPacker-packed sample
Xenomorph
2022-02ThreatFabric
@online{threatfabric:202202:xenomorph:c77d519, author = {ThreatFabric}, title = {{Xenomorph: A newly hatched Banking Trojan}}, date = {2022-02}, url = {https://www.threatfabric.com/blogs/xenomorph-a-newly-hatched-banking-trojan.html}, language = {English}, urldate = {2022-03-02} } Xenomorph: A newly hatched Banking Trojan
Xenomorph

There is no Yara-Signature yet.