Overview

overview

10

Static

static

7

98338c83e7...b4.apk

android_x86

98338c83e7...b4.apk

android_x64

10

98338c83e7...b4.apk

android_x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    98338c83e7e89c0f913de151ffa6219504116561328a1bbede46f78d910137b4

  • Size

    1.3MB

  • Sample

    220201-fl9r6shfc5

  • MD5

    0b36daf30cb8c83da3916ef1123f0011

  • SHA1

    07bc566eb38294c3e3f1589cd9fb645ee63823f1

  • SHA256

    98338c83e7e89c0f913de151ffa6219504116561328a1bbede46f78d910137b4

  • SHA512

    144d76ef903f8e6fef154832f0a81c5b271c29c55bed12a8f7007b96cbf94091168c58e37ebf62adc8fa52bcf374e81ae3aae68e32921e3bdaf70560ecf86a05

Score
10/10
alienbotandroidbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://zeusland.uno

Targets

    • Target

      98338c83e7e89c0f913de151ffa6219504116561328a1bbede46f78d910137b4

    • Size

      1.3MB

    • MD5

      0b36daf30cb8c83da3916ef1123f0011

    • SHA1

      07bc566eb38294c3e3f1589cd9fb645ee63823f1

    • SHA256

      98338c83e7e89c0f913de151ffa6219504116561328a1bbede46f78d910137b4

    • SHA512

      144d76ef903f8e6fef154832f0a81c5b271c29c55bed12a8f7007b96cbf94091168c58e37ebf62adc8fa52bcf374e81ae3aae68e32921e3bdaf70560ecf86a05

    Score
    10/10
    alienbotbankerinfostealertrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks