AndroidOSXavierAXM

High-level Description

  • Year: 2017
  • Blog: https://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-xavier-information-stealing-ad-library-android/, https://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-xavier-information-stealing-ad-library-android/

This malware sample aims to steal information and perform an unknown payload. The retrieves commands from the malware developer’s C&C server to download and execute the unknown payload on launch of the application. The device information is leaked to the malware developer’s server when the user installs an app through advertisement referrers.

Signature


The image of the signature can be downloaded here for closer inspection.