Overview

overview

10

Static

static

7

bca52647ce...39.apk

android_x86

bca52647ce...39.apk

android_x64

bca52647ce...39.apk

android_x64

10

Analysis

  • max time kernel
    3011290s
  • max time network
    187s
  • platform
    android_x64
  • resource
    android-x64-arm64
  • submitted
    01-02-2022 04:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bca52647ce9f4900b754fcc0d8ef6329fb0229401e833534905969d10a82d839.apk

  • Size

    1.7MB

  • MD5

    ae8158afe08a63dfa62ef1625b8c3002

  • SHA1

    33175fb15c19ad7d29c4c0a500ed570376d690f6

  • SHA256

    bca52647ce9f4900b754fcc0d8ef6329fb0229401e833534905969d10a82d839

  • SHA512

    987753531f76d823aae67880383d0d08aaae2730dc8979e8952812cd0278c38d28f72109151f2692024aeda75b7ee6b0a54fee4ca4c55ba0cbb71255ba700baa

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://botduke1.ug

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Makes use of the framework's Accessibility service. 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • rnwjzlri.qiaopwnzcqrijy.ioyfsiukwf
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:6254
    • rnwjzlri.qiaopwnzcqrijy.ioyfsiukwf
      2⤵
        PID:6506
      • getprop
        2⤵
          PID:6506
        • rnwjzlri.qiaopwnzcqrijy.ioyfsiukwf
          2⤵
            PID:6854

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • /data/user/0/rnwjzlri.qiaopwnzcqrijy.ioyfsiukwf/app_DynamicOptDex/cAdCpT.json
          MD5

          3d759998e57711b985c01424e5585d9d

          SHA1

          b48d93a8fc0d4a1f92384183e98918fd0a80b271

          SHA256

          4637642cbf9ff031a06b9c1fa44d8f812830d51e7aa569a7acab6bf4af6b0298

          SHA512

          8270a62560f0997d97aff534bae32bf1b91006c782fdb8be8260f1442e8ed02727b6dd83471757e2d8fa005cf062f521353d2cbff38387290b1d8c73f864aae0

          Download Submit

        • /data/user/0/rnwjzlri.qiaopwnzcqrijy.ioyfsiukwf/app_DynamicOptDex/cAdCpT.json
          MD5

          3d759998e57711b985c01424e5585d9d

          SHA1

          b48d93a8fc0d4a1f92384183e98918fd0a80b271

          SHA256

          4637642cbf9ff031a06b9c1fa44d8f812830d51e7aa569a7acab6bf4af6b0298

          SHA512

          8270a62560f0997d97aff534bae32bf1b91006c782fdb8be8260f1442e8ed02727b6dd83471757e2d8fa005cf062f521353d2cbff38387290b1d8c73f864aae0

          Download Submit