Overview

overview

10

Static

static

Android APK

android_x86_64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Chrome3.18.15.apk

  • Size

    3.1MB

  • Sample

    210318-w6reqb223n

  • MD5

    35d21e2a819590c81c592ed2ce48dd8d

  • SHA1

    1cf964734b18517a218c85b086b383b2a710abed

  • SHA256

    688f0c5efa0f93dbcc7600aa03fffa65f1ba4038931a67332b5255162585ef56

  • SHA512

    e2119e068254a597cfeae6eb6f46e2568367b9e806c2f46baa2d93120d32ef89c27e051a5ab790e539ad90059251bbae0524e3423c1ccff572adc7b454e145d7

Score
10/10
alienbotandroidbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

alienbot

C2

http://fiollool.ga

Targets

    • Target

      Chrome3.18.15.apk

    • Size

      3.1MB

    • MD5

      35d21e2a819590c81c592ed2ce48dd8d

    • SHA1

      1cf964734b18517a218c85b086b383b2a710abed

    • SHA256

      688f0c5efa0f93dbcc7600aa03fffa65f1ba4038931a67332b5255162585ef56

    • SHA512

      e2119e068254a597cfeae6eb6f46e2568367b9e806c2f46baa2d93120d32ef89c27e051a5ab790e539ad90059251bbae0524e3423c1ccff572adc7b454e145d7

    Score
    10/10
    alienbotbankerinfostealerobfuscationstealthtrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    behavioral1

MITRE ATT&CK Matrix

Tasks