alienbot | b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c | Triage

Submit
Reports

Overview

overview

Static

static

7

b335f960c8...2c.apk

android_x64

Sharing

General

Target

b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c.apk
Size

2.7MB
Sample

211015-k7hyssbebm
MD5

28549ff7c27ce24f6d60c6488d08fa70
SHA1

7c8f05d6713c6f3c2096bf0132157e9dfe7fc3bd
SHA256

b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c
SHA512

a7f4c045b9a5d00893cbf7710fe46d1db6ce9b69f256bc7586c859f806a0c7d7ee1f31b0c3e3ae76128d7b2cbc99fac40594c1ce25985f389f46c75c57be7831

Score

10^/10

alienbot android banker evasion infostealer obfuscation trojan

Static task

static1

Behavioral task

behavioral1

Sample

b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c.apk

Resource

android-x64

alienbot banker evasion infostealer obfuscation trojan

android_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

alienbot

C2

http://flpaowulouriaos.ml

Targets

- Target
  
  b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c.apk
- Size
  
  2.7MB
- MD5
  
  28549ff7c27ce24f6d60c6488d08fa70
- SHA1
  
  7c8f05d6713c6f3c2096bf0132157e9dfe7fc3bd
- SHA256
  
  b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c
- SHA512
  
  a7f4c045b9a5d00893cbf7710fe46d1db6ce9b69f256bc7586c859f806a0c7d7ee1f31b0c3e3ae76128d7b2cbc99fac40594c1ce25985f389f46c75c57be7831
Score

10^/10

alienbot banker evasion infostealer obfuscation trojan
- Alienbot
  Alienbot is a fork of Cerberus banker first seen in January 2020.
  banker trojan infostealer alienbot
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Requests enabling of the accessibility settings.
- Reads name of network operator
  Uses Android APIs to discover system information.
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

alienbotbankerevasioninfostealerobfuscationtrojan

© 2018-2024

Terms | Privacy