Analysis

  • max time kernel
    1409269s
  • max time network
    42s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    17-08-2021 12:04

General

  • Target

    61235463c9950b19b86c57f9082ab0c8f966d4a59f6e48894cb621b740ffdfb8.apk

  • Size

    3.8MB

  • MD5

    6284fdaa36599b46900173d9f3443ad8

  • SHA1

    8dbd55cfc6a3974ceae902630394f6341c58d175

  • SHA256

    61235463c9950b19b86c57f9082ab0c8f966d4a59f6e48894cb621b740ffdfb8

  • SHA512

    56beb077f79ffdcbe0a3a68c611f6608ea330b6bfa74a25db0e9a71455148b76f1e44938214011e4533c57e4f3a357f5fff89ef606d6db65033a71640623a75c

Malware Config

Extracted

Family

alienbot

C2

http://hermenegildo.xyz

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

  • Loads dropped Dex/Jar (1 IoC)

    Runs executable file dropped to the device during analysis.

Processes

  • spirit.painting.cancel
    • Loads dropped Dex/Jar
    PID:3679

Network

MITRE ATT&CK Matrix
