Overview

overview

10

Static

static

7

1a182609a9...d1.apk

android_x86

10

1a182609a9...d1.apk

android_x64

10

1a182609a9...d1.apk

android_x64

10

Analysis

  • max time kernel
    2000201s
  • max time network
    166s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    29/04/2022, 21:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1a182609a93ac4914b4abb1f932b18f25a192be3ef65cbd24f8737da3f8192d1.apk

  • Size

    1.0MB

  • MD5

    5c5ab562d16a0eb6d61ea924faa5e31a

  • SHA1

    9f26bb33eb7c75a7f84d18a849dbd5f1861aebda

  • SHA256

    1a182609a93ac4914b4abb1f932b18f25a192be3ef65cbd24f8737da3f8192d1

  • SHA512

    289623e38104fc059cec8be69e86e389fa30f235411ba16cb8d9552b4f6d17aedc1f6a03fe88bb1171d2bb9718577742c10d6c287b50b423e5f2438ee0cdc683

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://kyzpc.digital

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 1 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • com.shoe.ridge
    1⤵
    • Loads dropped Dex/Jar
    PID:6291
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6403
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6508
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6565
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6605

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/user/0/com.shoe.ridge/app_DynamicOptDex/eu.json
            Filesize

            238KB

            MD5

            36d1a426c026e881f30ee22ee17fd955

            SHA1

            6fd0e843e39f068d475d7f64eef2d1234a948b3e

            SHA256

            f43bcc1d53a5881c8207d4c24ef94ffcbb374842286ad2a826d1878d0422c826

            SHA512

            81503b6d9a797f2388a9e12c5d0c90da5fa5b80e3a7cc506283cb7a94f5a8d6a44b7ee1c796d670c7e36cdbeec2777908295f6cfc32c0c783da0ffcf7c3d293c

            Download Submit

          • /data/user/0/com.shoe.ridge/app_DynamicOptDex/eu.json
            Filesize

            483KB

            MD5

            1ec4e546aba631df1e49ed7f20a3961c

            SHA1

            b57bdb28521583d3d683942a9f3501b330b748e8

            SHA256

            704c359b7d68d98f67987d1ac6104d99d044814af9e019ef25045962482c04a7

            SHA512

            9e0796314d724c39e16c031e166379c30f7068bd22221f72f72b1392ff66bf6e0841b932839b875ab4c6536e52b88999f6ca30f591aee5c4727385509e475a4a

            Download Submit