Overview

overview

10

Static

static

8

YERLİ_UCR...3).apk

android_x86

10

YERLİ_UCR...3).apk

android_x64

10

YERLİ_UCR...3).apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    YERLİ_UCRETSİZ_GİZLİ_ÇEKİM_PORNO_VİDEOLAR_obf (3).apk

  • Size

    2.6MB

  • Sample

    210809-86kjgjw1ga

  • MD5

    a55df1afefc9562dca22c6befa00003b

  • SHA1

    50616944bb194cb4f82dc28cd53c9dd4ca6f66f4

  • SHA256

    8d4ba01befd0bb33459d7232c376cfb036c68857433ecc05a3f127b8edd64a66

  • SHA512

    38e2c410c5ac6b1dc2d91c1fddec77dd9a374c0f6e090dc460c1819a78d7693846264982eccab90c0b6e73d874e916c3022c813d05c1fa7542f3ddaa45948833

Score
10/10
alienbotandroidbankerinfostealerobfuscationtrojan

Malware Config

Extracted

Family

alienbot

C2

http://buralarneler.com

Targets

    • Target

      YERLİ_UCRETSİZ_GİZLİ_ÇEKİM_PORNO_VİDEOLAR_obf (3).apk

    • Size

      2.6MB

    • MD5

      a55df1afefc9562dca22c6befa00003b

    • SHA1

      50616944bb194cb4f82dc28cd53c9dd4ca6f66f4

    • SHA256

      8d4ba01befd0bb33459d7232c376cfb036c68857433ecc05a3f127b8edd64a66

    • SHA512

      38e2c410c5ac6b1dc2d91c1fddec77dd9a374c0f6e090dc460c1819a78d7693846264982eccab90c0b6e73d874e916c3022c813d05c1fa7542f3ddaa45948833

    Score
    10/10
    alienbotbankerinfostealerobfuscationtrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks