Overview

overview

10

Static

static

7

07b7d933b0...78.apk

android_x86

10

07b7d933b0...78.apk

android_x64

10

07b7d933b0...78.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7393346228.zip

  • Size

    921KB

  • Sample

    220509-vgwr3sgfck

  • MD5

    7888c15549cd6c64373d57d4eae76193

  • SHA1

    c79a789655bdcd83d790325041f892f264e81b7d

  • SHA256

    31daa74d08d4f1f6c23d5b7605063f0f6b9573eeced542a3a0e6cbe239b99877

  • SHA512

    40d7949c9cbb6ddf451075d17b1cf228723aa4831acfc27312e0a4e39c37ff556706b182fbfdf9efa028bca97aa3c58d55b8fa5d5cc1e703575979376206a3f8

Score
10/10
alienbotandroidbankerevasioninfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://bugunsensensensin.digital

Targets

    • Target

      07b7d933b0581bc77e6660c119ae9c64ac4585e5f84cd591bf9ec17bd556ac78

    • Size

      990KB

    • MD5

      6fb8f86facfd8c471261e9fd1a7c613a

    • SHA1

      7aca181d99022dbe3bf15c0e90404d0d30a0e9b2

    • SHA256

      07b7d933b0581bc77e6660c119ae9c64ac4585e5f84cd591bf9ec17bd556ac78

    • SHA512

      fde7be9cbcdd1d99072bea1bfc2a8d3c144eb89f4e19880dce3a4917856db52c4f2b160f19ec91f031c715243d9fb7225eb6a1a1928566f9c61c322071010d9b

    Score
    10/10
    alienbotbankerevasioninfostealertrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks