Analysis

  • max time kernel
    1498795s
  • max time network
    56s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    18-08-2021 12:56

General

  • Target

    ef5e94b6998d515e7b80e5223105aee33c9643c28ea4394f5f86383aa2909984.apk

  • Size

    3.2MB

  • MD5

    a6e4512549708e858e504bbc73d24b5e

  • SHA1

    97ee6e45d899264deafd648cb34ca6da0a09b080

  • SHA256

    ef5e94b6998d515e7b80e5223105aee33c9643c28ea4394f5f86383aa2909984

  • SHA512

    db9cc5673875a4fd7300515964c90cf0bb70dc6eb610fc4383a3b5c8f7fdefb5b0a99d183c9ce2f24fc49f791dfc9aebbc44915b664ef017ddc47ab565d4f6cc

Malware Config

Extracted

Family

alienbot

C2

http://tayderik.net

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

  • Loads dropped Dex/Jar (2 IoCs)

    Runs executable file dropped to the device during analysis.

  • Reads name of network operator (1 IoC)

    Uses Android APIs to discover system information.

  • Uses reflection (8 IoCs)

Processes

  • april.dice.kitchen
    • Loads dropped Dex/Jar
    • Reads name of network operator
    • Uses reflection
    PID:3604
