alienbot | 038b8edf2d30c114c70c4c3b5282bb82e9f3a54a9ffb280cc2703a3b4c4541f3 | Triage

Submit
Reports

Overview

overview

Static

static

8

Android APK

android_x64

Sharing

General

Target

038b8edf2d30c114c70c4c3b5282bb82e9f3a54a9ffb280cc2703a3b4c4541f3.apk
Size

3.9MB
Sample

210729-2nleybh612
MD5

fb923168652bd7f9de5b798abf591984
SHA1

13400b8396d8c813456354a264dcdbf7fd18527d
SHA256

038b8edf2d30c114c70c4c3b5282bb82e9f3a54a9ffb280cc2703a3b4c4541f3
SHA512

ab616734b2b6ab96bafa33908bb48e29ec430e3b80edaef5b02cbcb656f639ef79791ce7206a826562cabb4c07c4e6ad0ca08df4486a47a1ce18c619effbbb8f

Score

10^/10

alienbot android banker infostealer obfuscation trojan

Static task

static1

Behavioral task

behavioral1

Sample

038b8edf2d30c114c70c4c3b5282bb82e9f3a54a9ffb280cc2703a3b4c4541f3.apk

Resource

android-x64-arm64

alienbot banker infostealer obfuscation trojan

android_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  038b8edf2d30c114c70c4c3b5282bb82e9f3a54a9ffb280cc2703a3b4c4541f3.apk
- Size
  
  3.9MB
- MD5
  
  fb923168652bd7f9de5b798abf591984
- SHA1
  
  13400b8396d8c813456354a264dcdbf7fd18527d
- SHA256
  
  038b8edf2d30c114c70c4c3b5282bb82e9f3a54a9ffb280cc2703a3b4c4541f3
- SHA512
  
  ab616734b2b6ab96bafa33908bb48e29ec430e3b80edaef5b02cbcb656f639ef79791ce7206a826562cabb4c07c4e6ad0ca08df4486a47a1ce18c619effbbb8f
Score

10^/10

alienbot banker infostealer obfuscation trojan
- Alienbot
  Alienbot is a fork of Cerberus banker first seen in January 2020.
  banker trojan infostealer alienbot
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads name of network operator
  Uses Android APIs to discover system information.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

alienbotbankerinfostealerobfuscationtrojan

© 2018-2024

Terms | Privacy