Overview

overview

10

Static

static

Android APK

android_x86_64

10

Analysis

  • max time kernel
    4008443s
  • max time network
    155s
  • platform
    android_x86_64
  • resource
    android-x86_64
  • submitted
    20-04-2021 10:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Chrome.apk

  • Size

    3.6MB

  • MD5

    2fbf77333f68b2c738a4102f56a5604e

  • SHA1

    5979668a322e96279d16bd5b5feb4f4e8c70022b

  • SHA256

    cdb41ef602bb1395eca7b6f325a40f89128a393243f49350d1e7841831c58cfe

  • SHA512

    c7cae88386b5753a21ed675b3a9b6d2e8d85355a0d860159e5681451666faedce0878fa16076f0cf08b4669fdb0fb95b52de8dc9e46178e3d8cbce1487cc79ad

Score
10/10
alienbotbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

alienbot

C2

http://hostgamesesdeses.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Removes its main activity from the application launcher 8 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 36 IoCs
    obfuscation

Processes

  • hen.weather.master
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:3610
    • hen.weather.master
      2⤵
        PID:3674
      • getprop
        2⤵
          PID:3674
        • hen.weather.master
          2⤵
            PID:3767
          • getprop
            2⤵
              PID:3767
            • hen.weather.master
              2⤵
                PID:3801
              • getprop
                2⤵
                  PID:3801
                • hen.weather.master
                  2⤵
                    PID:3883
                  • getprop
                    2⤵
                      PID:3883
                    • hen.weather.master
                      2⤵
                        PID:3919
                      • getprop
                        2⤵
                          PID:3919
                        • hen.weather.master
                          2⤵
                            PID:3948
                          • getprop
                            2⤵
                              PID:3948
                            • hen.weather.master
                              2⤵
                                PID:3981
                              • getprop
                                2⤵
                                  PID:3981

                              Network

                              MITRE ATT&CK Matrix

                              Replay Monitor

                              Loading Replay Monitor...

                              Downloads