Analysis

  • max time kernel
    1057017s
  • max time network
    72s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    13-08-2021 10:12

General

  • Target

    e3242bbd0a14045280fe57c7eca7c16a332a79edf58662c3e4ffa825bf78568c.apk

  • Size

    4.1MB

  • MD5

    c964e7894329592360aff35b7b23205e

  • SHA1

    cfecbbb47621aae31c38dd3627731362faf1638b

  • SHA256

    e3242bbd0a14045280fe57c7eca7c16a332a79edf58662c3e4ffa825bf78568c

  • SHA512

    439c8bc169dac94fedb73c2e8c77c09d6cd0848765ec6ebe41fb49464ce6b48c1c3dee7c925da34c2b91a39604b0365eddba8fe60cf5946c0bd7128e51f30bf0

Malware Config

Extracted

Family

alienbot

C2

http://vaydemenescomeres.net

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 3 IoCs

Processes

  • damage.found.shrug
    1⤵
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:3679

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads