General
-
Target
f2464f7281803b95c1512b5cbf9d62b991e2cd051190aeca2cb1383baeaea036.apk
-
Size
2.8MB
-
Sample
211015-k13pmabeaj
-
MD5
b561292a5ae3e8e9f3c79d710f7fbf29
-
SHA1
419053f732cd7c29651d501e50af714b17a416ae
-
SHA256
f2464f7281803b95c1512b5cbf9d62b991e2cd051190aeca2cb1383baeaea036
-
SHA512
8eeedaec595df7f20e133cd3bf2ebd160c33775c947e9bbd62ac538421bf7c7fc7b8199bcd34061c88d122141b3dbeb9b0616b1b4e556db4b583034192e4100a
Malware Config
Extracted
alienbot
http://labalonumicosutu.ml
Targets
-
-
Target
f2464f7281803b95c1512b5cbf9d62b991e2cd051190aeca2cb1383baeaea036.apk
-
Size
2.8MB
-
MD5
b561292a5ae3e8e9f3c79d710f7fbf29
-
SHA1
419053f732cd7c29651d501e50af714b17a416ae
-
SHA256
f2464f7281803b95c1512b5cbf9d62b991e2cd051190aeca2cb1383baeaea036
-
SHA512
8eeedaec595df7f20e133cd3bf2ebd160c33775c947e9bbd62ac538421bf7c7fc7b8199bcd34061c88d122141b3dbeb9b0616b1b4e556db4b583034192e4100a
Score10/10-
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
-
Checks Android system properties for emulator presence.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Requests enabling of the accessibility settings.
-
Reads name of network operator
Uses Android APIs to discover system information.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-