General

  • Target: 4edb08cbf1b0dda9b0d087d5bedfe8766bf47ce3fde040f6f86440d184acafcc.zip
  • Size: 1.9MB
  • Sample: 220411-w5kv6abge9
  • MD5: 6deb82b1a6a5014dc0248051d92aadab
  • SHA1: 3aafd728df5f05cfd34ea0dbc4e883106cf1cebe
  • SHA256: bb738bb95324d2afa20b4cd1f1ef406ca7ba59eda23754b0db00b3c864aef777
  • SHA512: 369f473a6584dd3339dae958b377c2a4c27ce8a148af539c3dba724ebd16c982b385d101b66cd4ed433a2d09b1c969e8bd0d181de6cfd8dc8c4210d31df27673

Malware Config

Extracted

  • Family: alienbot
  • C2: http://dadmalasvghalclk.digital

Targets

    • Target: 4edb08cbf1b0dda9b0d087d5bedfe8766bf47ce3fde040f6f86440d184acafcc
    • Size: 2.0MB
    • MD5: 04c28fccb57622f167fb361457fa3c9d
    • SHA1: 0a6365dee1f2f01b61f24d806889e82630dca613
    • SHA256: 4edb08cbf1b0dda9b0d087d5bedfe8766bf47ce3fde040f6f86440d184acafcc
    • SHA512: 10446f6a7973a3d17870ca1c6770d2d29c553ec83995359260a7e5806263df573098fe91d8b8fb8914b0f11d986dc5a83283797663f0b09a2b754fb9c69d2e4d

    • Alienbot

      Alienbot is a fork of the Cerberus Android banker, first seen in January 2020.

    • Makes use of the Android framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs an executable (Dex/Jar) file that was dropped to the device during analysis.

    • Removes a system notification.
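The hashes and the extracted C2 above are the indicators a responder would actually pivot on. The script below is an added example (not part of the report or the sandbox's own tooling) that loads those indicators and matches them against local artefacts: file digests, and DNS-style query logs. The log lines are constructed for the demonstration and include a near-miss host to show why C2 domain matching must respect label boundaries rather than use a substring test.

```python
"""Match the indicators from the sandbox report (file hashes, extracted C2)
against local artefacts. Added example; the DNS log lines are constructed."""
import hashlib
from urllib.parse import urlsplit

# Hashes listed in the report (zip container and the contained APK).
REPORT_HASHES = {
    "md5": {"6deb82b1a6a5014dc0248051d92aadab",
            "04c28fccb57622f167fb361457fa3c9d"},
    "sha1": {"3aafd728df5f05cfd34ea0dbc4e883106cf1cebe",
             "0a6365dee1f2f01b61f24d806889e82630dca613"},
    "sha256": {"bb738bb95324d2afa20b4cd1f1ef406ca7ba59eda23754b0db00b3c864aef777",
               "4edb08cbf1b0dda9b0d087d5bedfe8766bf47ce3fde040f6f86440d184acafcc"},
    "sha512": {"369f473a6584dd3339dae958b377c2a4c27ce8a148af539c3dba724ebd16c982"
               "b385d101b66cd4ed433a2d09b1c969e8bd0d181de6cfd8dc8c4210d31df27673",
               "10446f6a7973a3d17870ca1c6770d2d29c553ec83995359260a7e5806263df57"
               "3098fe91d8b8fb8914b0f11d986dc5a83283797663f0b09a2b754fb9c69d2e4d"},
}
# C2 as extracted from the sample's configuration.
C2_URL = "http://dadmalasvghalclk.digital"


def c2_host(url: str) -> str:
    """Reduce a C2 URL to a normalised hostname (lower-case, no trailing dot)."""
    host = urlsplit(url).hostname or ""
    return host.lower().rstrip(".")


def host_matches(observed: str, indicator: str) -> bool:
    """True if the observed host equals the indicator or is a subdomain of it.
    A plain substring test would also flag 'notdadmalasvghalclk.digital',
    so the comparison is done on label boundaries."""
    observed = observed.lower().rstrip(".")
    return observed == indicator or observed.endswith("." + indicator)


def digests_of(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 of a byte string as lower-case hex."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def match_hashes(digests: dict) -> set:
    """Return the names of the algorithms whose digest appears in the report."""
    return {name for name, value in digests.items()
            if value.lower() in REPORT_HASHES.get(name, set())}


# Constructed DNS-style log lines: "<timestamp> <client> <qname> <qtype>".
SAMPLE_DNS_LOG = """\
2022-04-11T13:37:02Z 10.0.0.5 dadmalasvghalclk.digital. A
2022-04-11T13:37:03Z 10.0.0.5 api.dadmalasvghalclk.digital A
2022-04-11T13:37:04Z 10.0.0.7 notdadmalasvghalclk.digital A
2022-04-11T13:37:05Z 10.0.0.9 example.com A
"""


def scan_dns_log(text: str, indicator: str = c2_host(C2_URL)) -> list:
    """Return (client, qname) pairs whose query resolves the C2 domain or a
    subdomain of it. Malformed lines are skipped rather than aborting the scan."""
    hits = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        _ts, client, qname, _qtype = parts[:4]
        if host_matches(qname, indicator):
            hits.append((client, qname.rstrip(".")))
    return hits


if __name__ == "__main__":
    print("C2 host:", c2_host(C2_URL))
    print("DNS hits:", scan_dns_log(SAMPLE_DNS_LOG))
    print("Report hash match:",
          match_hashes({"sha256": "4edb08cbf1b0dda9b0d087d5bedfe8766bf47ce3fde040f6f86440d184acafcc"}))
    print("Unrelated bytes match:",
          match_hashes(digests_of(b"constructed, not the sample")))
```

To use it against real data, feed `digests_of()` the bytes of a suspect file (or pass digests from an EDR export straight to `match_hashes()`), and point `scan_dns_log()` at resolver logs after adjusting the four-column split to the resolver's actual format. Note that the zip container hash will not appear on an infected device; only the inner APK hash (04c2…/4edb…) is useful for on-host matching.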

MITRE ATT&CK Matrix

Tasks