Overview

overview

10

Static

static

7

16b3b4b41c...84.apk

android_x86

10

16b3b4b41c...84.apk

android_x64

10

16b3b4b41c...84.apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    16b3b4b41cdb2f415c09a7c7a486f8a3542abaa6cd17a41c80ed1b1bc7a81884

  • Size

    2.0MB

  • Sample

    220520-2982fabdhm

  • MD5

    87321bfd3a2b14b47ca08886b1eb20ac

  • SHA1

    e32375397d42ff740afc39530c4254f461e27c29

  • SHA256

    16b3b4b41cdb2f415c09a7c7a486f8a3542abaa6cd17a41c80ed1b1bc7a81884

  • SHA512

    2f4816bac87108293d476ea9162ae51717764cf4a2e1c3e0b699b36ed236712518b27ef726105f0bc30e18ec52acf259601936825a4499c8c0462fdb85c200f7

Score
10/10
alienbotandroidbankerevasioninfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://coulcoul.top/

Targets

    • Target

      16b3b4b41cdb2f415c09a7c7a486f8a3542abaa6cd17a41c80ed1b1bc7a81884

    • Size

      2.0MB

    • MD5

      87321bfd3a2b14b47ca08886b1eb20ac

    • SHA1

      e32375397d42ff740afc39530c4254f461e27c29

    • SHA256

      16b3b4b41cdb2f415c09a7c7a486f8a3542abaa6cd17a41c80ed1b1bc7a81884

    • SHA512

      2f4816bac87108293d476ea9162ae51717764cf4a2e1c3e0b699b36ed236712518b27ef726105f0bc30e18ec52acf259601936825a4499c8c0462fdb85c200f7

    Score
    10/10
    alienbotbankerevasioninfostealertrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks