Overview

overview

10

Static

static

Android APK

android_x86_64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Android_Guncelleme.apk

  • Size

    3.7MB

  • Sample

    210420-c7lp5vr6hj

  • MD5

    9c3af466b9706da8b8876e5be69f77af

  • SHA1

    3c3f971d3f6de34269f43a02d470d9bb4bfbd345

  • SHA256

    284f986aede0783f4ba50adacc043a77b6ecbc0483337bae20e447f4ff371e3a

  • SHA512

    f9873e3b7843a954fb730875955c06aca3279c9330f277aa7a4601b3ec39a0f514b5891a3ce2064f49024941e959b4d59037cf64465a04549293923c63e8e99c

Score
10/10
alienbotandroidbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

alienbot

C2

http://seninle1tik.digital

Targets

    • Target

      Android_Guncelleme.apk

    • Size

      3.7MB

    • MD5

      9c3af466b9706da8b8876e5be69f77af

    • SHA1

      3c3f971d3f6de34269f43a02d470d9bb4bfbd345

    • SHA256

      284f986aede0783f4ba50adacc043a77b6ecbc0483337bae20e447f4ff371e3a

    • SHA512

      f9873e3b7843a954fb730875955c06aca3279c9330f277aa7a4601b3ec39a0f514b5891a3ce2064f49024941e959b4d59037cf64465a04549293923c63e8e99c

    Score
    10/10
    alienbotbankerinfostealerobfuscationstealthtrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    behavioral1

MITRE ATT&CK Matrix

Tasks