Overview

overview

10

Static

static

Android APK

android_x86_64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Correos_Seguimiento (1).apk

  • Size

    2.6MB

  • Sample

    210305-2es3q6nbzx

  • MD5

    b5ed569ccb0dcb73b78bd471cc5c7193

  • SHA1

    d3226720af70556411228f967228fa775b60b0e3

  • SHA256

    85e2227bac98f2a283470798f9f15d63dc3e8f5d98c71385514603f181aefd83

  • SHA512

    9b26696b75ab92429ae3e715cf0d9cdbec775ff15f6d70381a60630010029621b2119f7c080a9c7644beb55a21bcb135630bd2804e1c901673132c490805ac1b

Score
10/10
alienbotandroidbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

alienbot

C2

http://drasdsasa.com

Targets

    • Target

      Correos_Seguimiento (1).apk

    • Size

      2.6MB

    • MD5

      b5ed569ccb0dcb73b78bd471cc5c7193

    • SHA1

      d3226720af70556411228f967228fa775b60b0e3

    • SHA256

      85e2227bac98f2a283470798f9f15d63dc3e8f5d98c71385514603f181aefd83

    • SHA512

      9b26696b75ab92429ae3e715cf0d9cdbec775ff15f6d70381a60630010029621b2119f7c080a9c7644beb55a21bcb135630bd2804e1c901673132c490805ac1b

    Score
    10/10
    alienbotbankerinfostealerobfuscationstealthtrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    behavioral1

MITRE ATT&CK Matrix

Tasks