Overview

overview

10

Static

static

Android APK

android_x86_64

10

Analysis

  • max time kernel
    4008150s
  • max time network
    145s
  • platform
    android_x86_64
  • resource
    android-x86_64_arm64
  • submitted
    20-04-2021 10:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Android_Guncelleme.apk

  • Size

    3.7MB

  • MD5

    9c3af466b9706da8b8876e5be69f77af

  • SHA1

    3c3f971d3f6de34269f43a02d470d9bb4bfbd345

  • SHA256

    284f986aede0783f4ba50adacc043a77b6ecbc0483337bae20e447f4ff371e3a

  • SHA512

    f9873e3b7843a954fb730875955c06aca3279c9330f277aa7a4601b3ec39a0f514b5891a3ce2064f49024941e959b4d59037cf64465a04549293923c63e8e99c

Score
10/10
alienbotbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

alienbot

C2

http://seninle1tik.digital

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 34 IoCs
    obfuscation

Processes

  • salon.vapor.review
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:4775

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads