General

  • Target

    d229a9f0a2f6c585ebec74f66a1fb67d97dee870a593b039f9fa7fae7e717220.bin

  • Size

    2MB

  • Sample

    211014-qjr5fshfb3

  • MD5

    4f3228f7fca60edcbdd457755ca19923

  • SHA1

    80550425cad465624c30757521ca371ae78906a3

  • SHA256

    d229a9f0a2f6c585ebec74f66a1fb67d97dee870a593b039f9fa7fae7e717220

  • SHA512

    8d4c3bd6d720cdc23e68c9d3c6de740b31d3986b4c4533cf27cdbdc978dba7cbf36fa0ee1754467a8db9a83120a4d404fd4ef6d7ba8a77e624d8730c6cf9317f

Malware Config

Extracted

  • Family

    alienbot

  • C2

    http://tralakapot.digital

Targets

    • Alienbot

      Alienbot is a fork of the Cerberus banking trojan, first seen in January 2020.

    • Loads dropped Dex/Jar

      Runs an executable file that was dropped onto the device during analysis.

    • Requests disabling of battery optimizations (often used to keep running hidden in the background).
