Overview

overview

10

Static

static

Android APK

android_x86_64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Chrome.apk

  • Size

    3.6MB

  • Sample

    210420-e7fllx1zda

  • MD5

    2fbf77333f68b2c738a4102f56a5604e

  • SHA1

    5979668a322e96279d16bd5b5feb4f4e8c70022b

  • SHA256

    cdb41ef602bb1395eca7b6f325a40f89128a393243f49350d1e7841831c58cfe

  • SHA512

    c7cae88386b5753a21ed675b3a9b6d2e8d85355a0d860159e5681451666faedce0878fa16076f0cf08b4669fdb0fb95b52de8dc9e46178e3d8cbce1487cc79ad

Score
10/10
alienbotandroidbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

alienbot

C2

http://hostgamesesdeses.com

Targets

    • Target

      Chrome.apk

    • Size

      3.6MB

    • MD5

      2fbf77333f68b2c738a4102f56a5604e

    • SHA1

      5979668a322e96279d16bd5b5feb4f4e8c70022b

    • SHA256

      cdb41ef602bb1395eca7b6f325a40f89128a393243f49350d1e7841831c58cfe

    • SHA512

      c7cae88386b5753a21ed675b3a9b6d2e8d85355a0d860159e5681451666faedce0878fa16076f0cf08b4669fdb0fb95b52de8dc9e46178e3d8cbce1487cc79ad

    Score
    10/10
    alienbotbankerinfostealerobfuscationstealthtrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Removes its main activity from the application launcher

      stealthtrojan

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    behavioral1

MITRE ATT&CK Matrix

Tasks