Overview

overview

10

Static

static

7

ba625262b2...90.apk

android_x86

10

ba625262b2...90.apk

android_x64

10

ba625262b2...90.apk

android_x64

10

Analysis

  • max time kernel
    4079390s
  • max time network
    174s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    13-02-2022 12:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ba625262b247e4c79e729a83f53767c34fc0c25142eedbcc0e74f15d73c64090.apk

  • Size

    1.8MB

  • MD5

    7a33783b6908f03443d30643688d54c6

  • SHA1

    ab2f85c703fa5e9ff59e28ecb0a621c06c29e530

  • SHA256

    ba625262b247e4c79e729a83f53767c34fc0c25142eedbcc0e74f15d73c64090

  • SHA512

    9110f44761156e117c8ad66a728ecfe166f84f6d5c5bfcca977fa1c2aa244e0613faa057793be15b3a7fa162afd8255ba3f3aa8cd21dd9a6d248c882c9d52ca3

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://testedwwh.xyz

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Checks Qemu related system properties. 1 IoCs

    Checks for Android system properties related to Qemu for Emulator detection.

  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • jbx.roagjksrlsxsmknhdrizttgrhs.fbf
    1⤵
    • Checks Qemu related system properties.
    • Loads dropped Dex/Jar
    PID:3848
    • jbx.roagjksrlsxsmknhdrizttgrhs.fbf
      2⤵
        PID:3928
      • getprop
        2⤵
          PID:3928
        • jbx.roagjksrlsxsmknhdrizttgrhs.fbf
          2⤵
            PID:3971
          • getprop
            2⤵
              PID:3971
            • jbx.roagjksrlsxsmknhdrizttgrhs.fbf
              2⤵
                PID:4009
              • getprop
                2⤵
                  PID:4009
                • jbx.roagjksrlsxsmknhdrizttgrhs.fbf
                  2⤵
                    PID:4033
                  • getprop
                    2⤵
                      PID:4033

                  Network

                  MITRE ATT&CK Matrix

                  Replay Monitor

                  Loading Replay Monitor...

                  Downloads

                  • /data/user/0/jbx.roagjksrlsxsmknhdrizttgrhs.fbf/app_DynamicOptDex/baiFN.json
                    MD5

                    97e5b1a031761f8e6e738ddbc3e73d30

                    SHA1

                    172e280d5ac63bbdfbcbf93aac3f979a461e3769

                    SHA256

                    bfac6923f972a412f9de2a67f1a5775b52d27555f4bb1cc92efdcd27e48b6280

                    SHA512

                    115c11c5524337b4327a6c4659a914f689a6bba99dd04fd7f191d406b42bff31fe1852a2766d42b29f09d7f38bbfb54bd6523f283e41882e26a6dcec68e8b65f

                    Download Submit

                  • /data/user/0/jbx.roagjksrlsxsmknhdrizttgrhs.fbf/app_DynamicOptDex/baiFN.json
                    MD5

                    97e5b1a031761f8e6e738ddbc3e73d30

                    SHA1

                    172e280d5ac63bbdfbcbf93aac3f979a461e3769

                    SHA256

                    bfac6923f972a412f9de2a67f1a5775b52d27555f4bb1cc92efdcd27e48b6280

                    SHA512

                    115c11c5524337b4327a6c4659a914f689a6bba99dd04fd7f191d406b42bff31fe1852a2766d42b29f09d7f38bbfb54bd6523f283e41882e26a6dcec68e8b65f

                    Download Submit