Overview

overview

10

Static

static

7

Chrome637178.apk

android_x86

10

Chrome637178.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Chrome637178.apk

  • Size

    4.3MB

  • Sample

    211015-plm3vabfbq

  • MD5

    ea911124defd4bf8d63aba29b0a04ed9

  • SHA1

    de6bdb3f1153e95fbf3b4aff904616ff8340e681

  • SHA256

    dad6cdcd782dc3daf5cf1dbdd82c58336af18b33a87be3f19b0833e547fe90a5

  • SHA512

    1458992047473bdb3aed2e1db675495a2924e70d8ff087e487d140ffaa46c0bec78c0d30f96a24eba4aa09bfce81230e531af817e2ff5332bfe8b60e365a7cd0

Score
10/10
alienbotandroidbankerevasioninfostealerobfuscationtrojan

Malware Config

Extracted

Family

alienbot

C2

http://2tn54bh60mp4mlpqo4k2.xyz

Targets

    • Target

      Chrome637178.apk

    • Size

      4.3MB

    • MD5

      ea911124defd4bf8d63aba29b0a04ed9

    • SHA1

      de6bdb3f1153e95fbf3b4aff904616ff8340e681

    • SHA256

      dad6cdcd782dc3daf5cf1dbdd82c58336af18b33a87be3f19b0833e547fe90a5

    • SHA512

      1458992047473bdb3aed2e1db675495a2924e70d8ff087e487d140ffaa46c0bec78c0d30f96a24eba4aa09bfce81230e531af817e2ff5332bfe8b60e365a7cd0

    Score
    10/10
    alienbotbankerevasioninfostealerobfuscationtrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks