General

  • Target

    Chrome589828.apk

  • Size

    4.3MB

  • Sample

    210824-7z91nqjlx2

  • MD5

    74ff2c72c16aa2909fdb5adbb83f122b

  • SHA1

    eafc99acfb4757ee27bce2b2bbac0e08bd6f6b52

  • SHA256

    1a79724595a99052723f2422d57ec93b1f62e1cdb2121ae9ae2175b107e60a00

  • SHA512

    f3b3e8d3e96c54c49963c57d009c1bf0fc5993c208fb715630490f1a724efdeffd3f39b4dd7fad2135c81b0b511334bf64d57e5f513c8902f6ebcecbf03644bc

Malware Config

Extracted

Family

alienbot

C2

http://vgokkycl61ck.xyz

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.
