General

  • Target

    9af495960c9273c5146acff470aca862354f6f8f8019620f4edf7162849f4568.apk

  • Size

    3.0MB

  • Sample

    210824-8h2yrj24px

  • MD5

    d147a4ab436ac70c63053061624af3fb

  • SHA1

    d379e1a1f2801fe81c4c05c20ed3dd9b9a0f6eb5

  • SHA256

    9af495960c9273c5146acff470aca862354f6f8f8019620f4edf7162849f4568

  • SHA512

    a32154148adf34a1f9809c770dccf7ab11f7bcc4e5e8700ec763999f75d057f57d78a95c5ffcc9b67cef96e99a0aa0be1ee610736d077cb0c5020527bc4ef303

Malware Config

Extracted

  • Family

    alienbot

  • C2

    http://sillldkisteaqq.com

Targets

    • Target

      9af495960c9273c5146acff470aca862354f6f8f8019620f4edf7162849f4568.apk

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.
