Overview

overview

10

Static

static

7

0da75ac97f...31.apk

android_x86

10

0da75ac97f...31.apk

android_x64

10

0da75ac97f...31.apk

android_x64

10

Analysis

  • max time kernel
    502227s
  • max time network
    166s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    12-04-2022 13:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0da75ac97f4ec8954a961c270bcbe75bd2671c65cf25db45540b70f1ff403e31.apk

  • Size

    3.7MB

  • MD5

    6cf5d6abcc04d1d37c85df5dc543ba0e

  • SHA1

    a6256e0aa101fc07319f19d6908f174ed8d14f5f

  • SHA256

    0da75ac97f4ec8954a961c270bcbe75bd2671c65cf25db45540b70f1ff403e31

  • SHA512

    5d5f1d000d3ee111b01aa7df044357778c5701848a3672de6817c2cb3452843bc8408f7e31cca1f3321ced0c444f9e6425ca419ef03a397d5f12e4736d31d18a

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://cupboardg2irl3c.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • teach.report.crane
    1⤵
    • Loads dropped Dex/Jar
    PID:6190
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6322
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6489
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6543
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6598

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/user/0/teach.report.crane/app_DynamicOptDex/oat/wU.json.cur.prof
            MD5

            d41d8cd98f00b204e9800998ecf8427e

            SHA1

            da39a3ee5e6b4b0d3255bfef95601890afd80709

            SHA256

            e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

            SHA512

            cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

            Download Submit

          • /data/user/0/teach.report.crane/app_DynamicOptDex/wU.json
            Filesize

            748KB

            MD5

            a290ecb1e4b9bbdb67049a4c1ed14e35

            SHA1

            efc9eabd8d9cd70cf33e8aaaa518d32e3b603731

            SHA256

            06f2f51c8298493c4d3dac8d814844f7bdd65eb6bc19ae5b085e8781ad7ccbfa

            SHA512

            4e8217c96ac549f33a7677fcd305317060059ed839175757d54d18429023a15a1a177b5d384c64e5bab9f1454a15c3af6e94faf9f22ebbc94b4a37289af1505d

            Download Submit

          • /data/user/0/teach.report.crane/app_DynamicOptDex/wU.json
            Filesize

            748KB

            MD5

            f81c8a8b9cc75b2b2f8867caac07fd37

            SHA1

            963a64c29b786a819808781fea2e1b7084025f4a

            SHA256

            ee69088103f41c9fcb20142cfe728630259ac499519c7c48a935c7a8fae88293

            SHA512

            ed034efaef74988e2e3afc8da5843f6bc97a147a21ec1058b7f0a829d1308ef234f110a7e3196567590477b2c040857986d7ff2ba0828ea2f5ae40adca8937e7

            Download Submit

          • /data/user/0/teach.report.crane/app_DynamicOptDex/wU.json
            Filesize

            748KB

            MD5

            f81c8a8b9cc75b2b2f8867caac07fd37

            SHA1

            963a64c29b786a819808781fea2e1b7084025f4a

            SHA256

            ee69088103f41c9fcb20142cfe728630259ac499519c7c48a935c7a8fae88293

            SHA512

            ed034efaef74988e2e3afc8da5843f6bc97a147a21ec1058b7f0a829d1308ef234f110a7e3196567590477b2c040857986d7ff2ba0828ea2f5ae40adca8937e7

            Download Submit