Overview

overview

10

Static

static

Android APK

android_x86_64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    42131def2f45730f36878cfa54ce85d0e253b61f49882009470cfea6934bf5ce.apk

  • Size

    2.6MB

  • Sample

    210317-ged92zeenx

  • MD5

    2212c0979b229eca96c07eac4737f279

  • SHA1

    747494670cbb1aa5a9fce849d27624a6c60961c8

  • SHA256

    42131def2f45730f36878cfa54ce85d0e253b61f49882009470cfea6934bf5ce

  • SHA512

    eca68c4cc9cc448ced35aa8c523b3ce876b44aa09fb7553276d27d6e50049ff7fca05d070c406e2d657bbf9127f24f26ca389ba2394d23736780109f6e4c75b0

Score
10/10
alienbotandroidbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

alienbot

C2

http://dsgfdgf.top

Targets

    • Target

      42131def2f45730f36878cfa54ce85d0e253b61f49882009470cfea6934bf5ce.apk

    • Size

      2.6MB

    • MD5

      2212c0979b229eca96c07eac4737f279

    • SHA1

      747494670cbb1aa5a9fce849d27624a6c60961c8

    • SHA256

      42131def2f45730f36878cfa54ce85d0e253b61f49882009470cfea6934bf5ce

    • SHA512

      eca68c4cc9cc448ced35aa8c523b3ce876b44aa09fb7553276d27d6e50049ff7fca05d070c406e2d657bbf9127f24f26ca389ba2394d23736780109f6e4c75b0

    Score
    10/10
    alienbotbankerinfostealerobfuscationstealthtrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    behavioral1

MITRE ATT&CK Matrix

Tasks