Resubmissions

20-08-2021 20:23

210820-6fb97sdp2j 10

Analysis

  • max time kernel
    1698487s
  • max time network
    176s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    20-08-2021 20:23

General

  • Target

    Ifsa_Videosu.apk

  • Size

    3.3MB

  • MD5

    8d244ac025fb51c1348003dc9c3c3ea2

  • SHA1

    fab5bd3e1504011efe253dfc344852f6b5c644a1

  • SHA256

    ee5632e3c0717693c9ab993c2b0c5b6edb503383215895f99800d915d92d1b8e

  • SHA512

    83b782add0d8aeb33e18e29749c30665fe9139a8926e8c01c143f1299671633525c25a9c727b9e2f542b3763c031f7116669a5d937c60c40117a6309b0881caa

Malware Config

Extracted

Family

alienbot

C2

https://instagrambuyukprofil.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

  • Loads dropped Dex/Jar 8 IoCs

    Runs executable file dropped to the device during analysis.

  • Reads name of network operator 1 IoCs

    Uses Android APIs to discover system information.

  • Uses reflection 49 IoCs

Processes

  • umbrella.thought.elevator
    • Loads dropped Dex/Jar
    • Reads name of network operator
    • Uses reflection
    PID:3608

Network

MITRE ATT&CK Matrix

Downloads