Overview

overview

10

Static

static

Android APK

android_x86_64

10

Analysis

  • max time kernel
    4007875s
  • max time network
    165s
  • platform
    android_x86_64
  • resource
    android-x86_64_arm64
  • submitted
    20-04-2021 10:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    guncelleme.apk

  • Size

    3.6MB

  • MD5

    3f42750d4bc64de237187720733da092

  • SHA1

    fa89239568fa00d860b53063cb4d97e3bd78a3dc

  • SHA256

    1e3f43966a14d33abc347324c47715518dc31add54e9a3f4e0db66a7e78bc5ca

  • SHA512

    71e94f73c813ba888159927465be4a7662d53836bca7be3be78042bd6306327cb630318ce1d1932a2d599450dcdfe020bfa94ad2868fcc545a941ff9f841bedf

Score
10/10
alienbotbankerinfostealerobfuscationstealthtrojan

Malware Config

Extracted

Family

alienbot

C2

http://kralvevezir21.digital

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 32 IoCs
    obfuscation

Processes

  • because.junior.crater
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:4601

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads