General

  • Target

    google-play.apk

  • Size

    3.6MB

  • Sample

    210723-98nwlazsdn

  • MD5

    a9ac3c5909bfe71aa86bc1758b4a0429

  • SHA1

    4871d25b1f43cdac4fd492498f3f09059ab99338

  • SHA256

    ab9192c088bc4c940972b186bf6c2aa9e57856614ce687cd387058b9f778f297

  • SHA512

    c46157817850da2998764b44a49352988f8d336d92be2691516ca5ec88c92b3cac1c5a98f9a5f89e17e0b8c7d28fdc893eee0df2b0c99e1102c3d9dfb316b466

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Reads name of network operator

      Uses Android APIs to discover system information.
