Overview

overview

10

Static

static

7

604b3cd50e...9b.apk

android_x86

10

604b3cd50e...9b.apk

android_x64

10

604b3cd50e...9b.apk

android_x64

10

Analysis

  • max time kernel
    3018562s
  • max time network
    183s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    01-02-2022 06:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    604b3cd50ef3b0df46bcb07a1d2d0fad31f517f4ef541036d9f0161d3c69499b.apk

  • Size

    1.4MB

  • MD5

    965250dc9f6afd4b419091813d4fd585

  • SHA1

    9c58d32eaa79c85644f9a50c56f8cacadb09e8b4

  • SHA256

    604b3cd50ef3b0df46bcb07a1d2d0fad31f517f4ef541036d9f0161d3c69499b

  • SHA512

    430129ba9e6b4ea919fbadc996b12a6a0e3b05786904688e7e5597789c880a86b67642cf35bccf65b75875ce6c9f4db1ec6c04b2143574964298a528a035edd4

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://ahf4ycvea439tt9rq.site

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd
    1⤵
    • Loads dropped Dex/Jar
    PID:3851
    • xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd
      2⤵
        PID:3920
      • getprop
        2⤵
          PID:3920
        • xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd
          2⤵
            PID:3976
          • getprop
            2⤵
              PID:3976
            • xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd
              2⤵
                PID:4016
              • getprop
                2⤵
                  PID:4016
                • xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd
                  2⤵
                    PID:4036
                  • getprop
                    2⤵
                      PID:4036
                    • xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd
                      2⤵
                        PID:4073
                      • getprop
                        2⤵
                          PID:4073
                        • xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd
                          2⤵
                            PID:4098
                          • getprop
                            2⤵
                              PID:4098
                            • xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd
                              2⤵
                                PID:4137
                              • getprop
                                2⤵
                                  PID:4137

                              Network

                              MITRE ATT&CK Matrix

                              Replay Monitor

                              Loading Replay Monitor...

                              Downloads

                              • /data/user/0/xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd/app_DynamicOptDex/gNGn.json
                                MD5

                                8fb2c3ed543489ef2465e267b7e975ea

                                SHA1

                                5c4c7828ef69e217bff85e1fd01dbd137fdddd2f

                                SHA256

                                4c7a594cb2f1bff308ba90ebe468bd77361ef9183573536b1fe10c0e5f9b36c4

                                SHA512

                                34e2eee0ebfcb1b4693226d22f2bcca3128769d710973e75b36ea63a2c874aeef1bf0f58534b46aacf2de57bd5bd4d6c52efc8607ed58bb21cd9fb98e9fae17f

                                Download Submit

                              • /data/user/0/xkqmtyq.jhsgjwojcncbmtlsk.xlkbczbjwuanyd/app_DynamicOptDex/gNGn.json
                                MD5

                                8fb2c3ed543489ef2465e267b7e975ea

                                SHA1

                                5c4c7828ef69e217bff85e1fd01dbd137fdddd2f

                                SHA256

                                4c7a594cb2f1bff308ba90ebe468bd77361ef9183573536b1fe10c0e5f9b36c4

                                SHA512

                                34e2eee0ebfcb1b4693226d22f2bcca3128769d710973e75b36ea63a2c874aeef1bf0f58534b46aacf2de57bd5bd4d6c52efc8607ed58bb21cd9fb98e9fae17f

                                Download Submit