General

  • Target

    def6f9ca328370cef534514bb55b67a0c6aa160131aba5d0abd76b9d752d78a3.apk

  • Size

    2.9MB

  • Sample

    210830-h9jf18bgvj

  • MD5

    bafea14646ac3f28b8054a882955258a

  • SHA1

    8480c68f5b168c4a292ef37d53a0b40a646ac095

  • SHA256

    def6f9ca328370cef534514bb55b67a0c6aa160131aba5d0abd76b9d752d78a3

  • SHA512

    bb5ce23f1e9227808366a175fcd88b90b478a6a6d3a93ccce044b9084654ce039f3b0aaaeb0d9a98d65ab31d4a95dc89f41b4c534d72f15e8673ed8448d49bbc

Malware Config

Extracted

Family

alienbot

C2

http://seysoydos.net

Targets

    • Target

      def6f9ca328370cef534514bb55b67a0c6aa160131aba5d0abd76b9d752d78a3.apk

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.
