Overview

overview

10

Static

static

7

342a9f1309...55.apk

android_x86

10

342a9f1309...55.apk

android_x64

10

342a9f1309...55.apk

android_x64

10

Analysis

  • max time kernel
    4079576s
  • max time network
    170s
  • platform
    android_x64
  • resource
    android-x64-arm64
  • submitted
    13-02-2022 12:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    342a9f13097e57efc2324b1db53f77b058c3734d51448c497f543ad003201555.apk

  • Size

    2.2MB

  • MD5

    d19df565e9c5d661b8bfbc6283936f75

  • SHA1

    d5fb04491de0eb596bb9ec01dd5b271d72bae87b

  • SHA256

    342a9f13097e57efc2324b1db53f77b058c3734d51448c497f543ad003201555

  • SHA512

    624369a6aa2cdebf68d53691bcf843bfd7b96ead86096a850772f4d953fa87b998f11d2e21d7401952ce8fcfd686bfde4b8f87dd1fb356808cd1199ea804d4fd

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://xasmascon771.icu

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Makes use of the framework's Accessibility service. 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:5545
    • okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy
      2⤵
        PID:6399
      • okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy
        2⤵
          PID:6694
        • okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy
          2⤵
            PID:6729
          • okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy
            2⤵
              PID:6760
            • okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy
              2⤵
                PID:6808
              • okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy
                2⤵
                  PID:6841
                • okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy
                  2⤵
                    PID:6871

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/user/0/okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy/app_DynamicOptDex/RYi.json
                  MD5

                  6bee1015382020e24268f53840336d89

                  SHA1

                  324abeb29c2d5adb3c4aba8d45d4ef1ac824d01d

                  SHA256

                  a57b1c5fa3f6106b72b9a5f5c562d4805b058cd375b59e6ee3ab68e0a2a64e16

                  SHA512

                  20a814ccac6277a952f356b57bb354c654968e04872d80471d73dc14277546b3bb08eeab549db44c07b7ec4d7d3b97e70fac60fa59acfa56c670702b3a64e6bd

                  Download Submit

                • /data/user/0/okqfjhhtlohmgupciyhmoigta.fpt.yuddsjkkctjfmchocuqssqpiopy/app_DynamicOptDex/RYi.json
                  MD5

                  6bee1015382020e24268f53840336d89

                  SHA1

                  324abeb29c2d5adb3c4aba8d45d4ef1ac824d01d

                  SHA256

                  a57b1c5fa3f6106b72b9a5f5c562d4805b058cd375b59e6ee3ab68e0a2a64e16

                  SHA512

                  20a814ccac6277a952f356b57bb354c654968e04872d80471d73dc14277546b3bb08eeab549db44c07b7ec4d7d3b97e70fac60fa59acfa56c670702b3a64e6bd

                  Download Submit