Analysis

  • max time kernel
    1498211s
  • max time network
    65s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    18-08-2021 12:45

General

  • Target

    f0c01e8d32799d24ebb463e45ea5626eee6c852ea1a9eae012e27acac77f1676.apk

  • Size

    3.2MB

  • MD5

    54be1c3f4125c3f4967a3e7a6b063de7

  • SHA1

    a7eecfd9dcb060e14df2232a9a3438b1512f433c

  • SHA256

    f0c01e8d32799d24ebb463e45ea5626eee6c852ea1a9eae012e27acac77f1676

  • SHA512

    f37c2b04fada172c1275519d37e7e3f8d6ed5ee47b2a1303b0f22adccb6404c302f2e206464c884315dd3ba8061c0c1761d952704736ac5d333cbb3deee2105d

Malware Config

Extracted

Family

alienbot

C2

http://ebruok3oam.digital

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

  • Loads dropped Dex/Jar (2 IoCs)

    Runs executable file dropped to the device during analysis.

  • Uses reflection (3 IoCs)

Processes

  • turkey.library.win
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:3664

Network

MITRE ATT&CK Matrix
