General
Target: 0da75ac97f4ec8954a961c270bcbe75bd2671c65cf25db45540b70f1ff403e31.zip
Size: 3.5MB
Sample: 220412-qjty2sbfdl
MD5: 125cebbdbaf30dcb12d130a13da20529
SHA1: 093013da9bd008240fdf314cd45a9dc80bf2f157
SHA256: 8a3cb0110d45d71f335ae9c07afb38d9e4a57b46529ff045f8ec3de1e6926d0c
SHA512: 9f8e2af8e977f44c238ef42128f45990f0923dc0059d3f397f322aea400895b6f0bbc063916646b219a43d2370abc1b5597b62f7c58a77f7f350fd5ce358e98c
Static task: static1
Behavioral task: behavioral1
Sample: 0da75ac97f4ec8954a961c270bcbe75bd2671c65cf25db45540b70f1ff403e31.apk
Resource: android-x86-arm-20220310-en
Behavioral task: behavioral2
Sample: 0da75ac97f4ec8954a961c270bcbe75bd2671c65cf25db45540b70f1ff403e31.apk
Resource: android-x64-20220310-en
Behavioral task: behavioral3
Sample: 0da75ac97f4ec8954a961c270bcbe75bd2671c65cf25db45540b70f1ff403e31.apk
Resource: android-x64-arm64-20220310-en
Malware Config
Extracted
alienbot
http://cupboardg2irl3c.com
Targets
Target: 0da75ac97f4ec8954a961c270bcbe75bd2671c65cf25db45540b70f1ff403e31
Size: 3.7MB
MD5: 6cf5d6abcc04d1d37c85df5dc543ba0e
SHA1: a6256e0aa101fc07319f19d6908f174ed8d14f5f
SHA256: 0da75ac97f4ec8954a961c270bcbe75bd2671c65cf25db45540b70f1ff403e31
SHA512: 5d5f1d000d3ee111b01aa7df044357778c5701848a3672de6817c2cb3452843bc8408f7e31cca1f3321ced0c444f9e6425ca419ef03a397d5f12e4736d31d18a
Score: 10/10
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.

Makes use of the framework's Accessibility service.

Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.

Removes a system notification.