Overview

overview

10

Static

static

7

b335f960c8...2c.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c.apk

  • Size

    2.7MB

  • Sample

    211015-k7hyssbebm

  • MD5

    28549ff7c27ce24f6d60c6488d08fa70

  • SHA1

    7c8f05d6713c6f3c2096bf0132157e9dfe7fc3bd

  • SHA256

    b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c

  • SHA512

    a7f4c045b9a5d00893cbf7710fe46d1db6ce9b69f256bc7586c859f806a0c7d7ee1f31b0c3e3ae76128d7b2cbc99fac40594c1ce25985f389f46c75c57be7831

Score
10/10
alienbotandroidbankerevasioninfostealerobfuscationtrojan

Malware Config

Extracted

Family

alienbot

C2

http://flpaowulouriaos.ml

Targets

    • Target

      b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c.apk

    • Size

      2.7MB

    • MD5

      28549ff7c27ce24f6d60c6488d08fa70

    • SHA1

      7c8f05d6713c6f3c2096bf0132157e9dfe7fc3bd

    • SHA256

      b335f960c825621cc07c83e1559a36fe156183d2e6f2b39c1b79f779a1cefd2c

    • SHA512

      a7f4c045b9a5d00893cbf7710fe46d1db6ce9b69f256bc7586c859f806a0c7d7ee1f31b0c3e3ae76128d7b2cbc99fac40594c1ce25985f389f46c75c57be7831

    Score
    10/10
    alienbotbankerevasioninfostealerobfuscationtrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    • Reads name of network operator

      Uses Android APIs to discover system information.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1

MITRE ATT&CK Matrix

Tasks