Analysis
max time kernel: 1409269s
max time network: 42s
platform: android_x64
resource: android-x64
submitted: 17-08-2021 12:04
Static task: static1
Behavioral task: behavioral1
Sample: 61235463c9950b19b86c57f9082ab0c8f966d4a59f6e48894cb621b740ffdfb8.apk
Resource: android-x64
0 signatures
0 seconds
General
Target: 61235463c9950b19b86c57f9082ab0c8f966d4a59f6e48894cb621b740ffdfb8.apk
Size: 3.8MB
MD5: 6284fdaa36599b46900173d9f3443ad8
SHA1: 8dbd55cfc6a3974ceae902630394f6341c58d175
SHA256: 61235463c9950b19b86c57f9082ab0c8f966d4a59f6e48894cb621b740ffdfb8
SHA512: 56beb077f79ffdcbe0a3a68c611f6608ea330b6bfa74a25db0e9a71455148b76f1e44938214011e4533c57e4f3a357f5fff89ef606d6db65033a71640623a75c
Score: 10/10
Malware Config
Extracted
Family: alienbot
C2: http://hermenegildo.xyz
Signatures
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
Loads dropped Dex/Jar (1 IoCs)
Runs executable file dropped to the device during analysis.
ioc: /data/user/0/spirit.painting.cancel/app_DynamicOptDex/mmroheraaaygftk.json
pid: 3679
Process: spirit.painting.cancel