Overview

overview

10

Static

static

7

df77910503...db.apk

android_x86

10

df77910503...db.apk

android_x64

10

df77910503...db.apk

android_x64

10

Analysis

  • max time kernel
    4079232s
  • max time network
    143s
  • platform
    android_x64
  • resource
    android-x64-arm64
  • submitted
    13-02-2022 12:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df77910503d7fefae3915bb372455575e335b33e6a6f82f7cf8f5957c68daadb.apk

  • Size

    2.3MB

  • MD5

    e747bf2176196039fe2d4c4554728a8f

  • SHA1

    adc8aca22e30c546ee0efc6cbe2340ff2cc3329c

  • SHA256

    df77910503d7fefae3915bb372455575e335b33e6a6f82f7cf8f5957c68daadb

  • SHA512

    e0660af3b33062964137c568e589ef8a26147c0ca83eb40afd0e57e0f296fc0fe8c8dd5fdb66a5fe2eac8a5e40518f4da796721919829eee0611a46bccb6e68f

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://tifoumiz.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Makes use of the framework's Accessibility service. 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • aciewtjnxbkcdxzhoabso.yhsxudbuwodnudkkrda.frlxqjezpmuisep
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:5624
    • aciewtjnxbkcdxzhoabso.yhsxudbuwodnudkkrda.frlxqjezpmuisep
      2⤵
        PID:6351
      • getprop
        2⤵
          PID:6351
        • aciewtjnxbkcdxzhoabso.yhsxudbuwodnudkkrda.frlxqjezpmuisep
          2⤵
            PID:6853
          • getprop
            2⤵
              PID:6853
            • aciewtjnxbkcdxzhoabso.yhsxudbuwodnudkkrda.frlxqjezpmuisep
              2⤵
                PID:6892
              • getprop
                2⤵
                  PID:6892
                • aciewtjnxbkcdxzhoabso.yhsxudbuwodnudkkrda.frlxqjezpmuisep
                  2⤵
                    PID:6932
                  • getprop
                    2⤵
                      PID:6932
                    • aciewtjnxbkcdxzhoabso.yhsxudbuwodnudkkrda.frlxqjezpmuisep
                      2⤵
                        PID:6964
                      • getprop
                        2⤵
                          PID:6964
                        • aciewtjnxbkcdxzhoabso.yhsxudbuwodnudkkrda.frlxqjezpmuisep
                          2⤵
                            PID:6998
                          • getprop
                            2⤵
                              PID:6998

                          Network

                          MITRE ATT&CK Matrix

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • /data/user/0/aciewtjnxbkcdxzhoabso.yhsxudbuwodnudkkrda.frlxqjezpmuisep/app_DynamicOptDex/SmJXMZo.json
                            MD5

                            c602762d7c0114dcfdb95752b22bb926

                            SHA1

                            7439ccb5706b23ba66456096264777d311ad1b60

                            SHA256

                            b5babbca89c0565bb4bfe32af80e998a28f39e40590221f7a8fdda104a517710

                            SHA512

                            c56693c7b5a3a1695aaeab3493313628bf6e178353aac57131c3fb23a6394f95abdbbb7114a0c5c8fccf35df9b96089926d2bacbd21db39cf50b0f8bd330fa53

                            Download Submit

                          • /data/user/0/aciewtjnxbkcdxzhoabso.yhsxudbuwodnudkkrda.frlxqjezpmuisep/app_DynamicOptDex/SmJXMZo.json
                            MD5

                            c602762d7c0114dcfdb95752b22bb926

                            SHA1

                            7439ccb5706b23ba66456096264777d311ad1b60

                            SHA256

                            b5babbca89c0565bb4bfe32af80e998a28f39e40590221f7a8fdda104a517710

                            SHA512

                            c56693c7b5a3a1695aaeab3493313628bf6e178353aac57131c3fb23a6394f95abdbbb7114a0c5c8fccf35df9b96089926d2bacbd21db39cf50b0f8bd330fa53

                            Download Submit