General

  • Target

    ba625262b247e4c79e729a83f53767c34fc0c25142eedbcc0e74f15d73c64090

  • Size

    1.8MB

  • Sample

    220213-p2vsmacacr

  • MD5

    7a33783b6908f03443d30643688d54c6

  • SHA1

    ab2f85c703fa5e9ff59e28ecb0a621c06c29e530

  • SHA256

    ba625262b247e4c79e729a83f53767c34fc0c25142eedbcc0e74f15d73c64090

  • SHA512

    9110f44761156e117c8ad66a728ecfe166f84f6d5c5bfcca977fa1c2aa244e0613faa057793be15b3a7fa162afd8255ba3f3aa8cd21dd9a6d248c882c9d52ca3

Malware Config

Extracted

Family

alienbot

C2

http://testedwwh.xyz

Targets

    • Target

      ba625262b247e4c79e729a83f53767c34fc0c25142eedbcc0e74f15d73c64090

    • Size

      1.8MB

    • MD5

      7a33783b6908f03443d30643688d54c6

    • SHA1

      ab2f85c703fa5e9ff59e28ecb0a621c06c29e530

    • SHA256

      ba625262b247e4c79e729a83f53767c34fc0c25142eedbcc0e74f15d73c64090

    • SHA512

      9110f44761156e117c8ad66a728ecfe166f84f6d5c5bfcca977fa1c2aa244e0613faa057793be15b3a7fa162afd8255ba3f3aa8cd21dd9a6d248c882c9d52ca3

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

MITRE ATT&CK Matrix

Tasks