Overview

overview

10

Static

static

Android APK

android_x86_64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Chrome3.17.18.apk

  • Size

    3.1MB

  • Sample

    210317-sm4dtxsqpj

  • MD5

    12776f05afb4085d022f49f74d4ba05f

  • SHA1

    10afa08bd47e09d29d6b4eddbe921213414c84cf

  • SHA256

    51f6f1644a8f70e0e874fa2e8ba6634aa759a8e96e8455e218478638b73ee173

  • SHA512

    dcccb3ecc3ae2c0d106fe3490f3e22a95a0fe889f7c4883b82f1ccc4ac85aff85cef3ae372508882786caf51f61a2555b55050d6b8b049e7ce01af8b2bbba5dc

Score
10/10
alienbotandroidbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

alienbot

C2

http://suffoopp.ga

Targets

    • Target

      Chrome3.17.18.apk

    • Size

      3.1MB

    • MD5

      12776f05afb4085d022f49f74d4ba05f

    • SHA1

      10afa08bd47e09d29d6b4eddbe921213414c84cf

    • SHA256

      51f6f1644a8f70e0e874fa2e8ba6634aa759a8e96e8455e218478638b73ee173

    • SHA512

      dcccb3ecc3ae2c0d106fe3490f3e22a95a0fe889f7c4883b82f1ccc4ac85aff85cef3ae372508882786caf51f61a2555b55050d6b8b049e7ce01af8b2bbba5dc

    Score
    10/10
    alienbotbankerinfostealerobfuscationstealthtrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    behavioral1

MITRE ATT&CK Matrix

Tasks