Overview

overview

10

Static

static

7

ca4bf446ab...8c.apk

android_x86

10

ca4bf446ab...8c.apk

android_x64

10

ca4bf446ab...8c.apk

android_x64

10

Analysis

  • max time kernel
    3814596s
  • max time network
    161s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220310-en
  • submitted
    20/05/2022, 21:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ca4bf446ab44314ec4aa8d06034af2bd1e40455665ccd9ff48cfef5234bc678c.apk

  • Size

    1.5MB

  • MD5

    3a41995a56fb1daa066d0c8c6464c861

  • SHA1

    4ed5c16e3e7212d18e3804e9f42a7f90e6eef24d

  • SHA256

    ca4bf446ab44314ec4aa8d06034af2bd1e40455665ccd9ff48cfef5234bc678c

  • SHA512

    be5e017bd5cd1e03c880245fbdb30e99b1e46bcf0f5e7c23c735b05bac07f9cb388fb19c1d3d5b076e52f95bdfc67e31403393afddb8d045bd0bb362159b0c95

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://nesenbenibitirebildin.cyou

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • hhamwcayidnujxczby.pezsfhsnpzpnpfkphodymtcpsp.tntskbjmsd
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:6945
    • getprop ro.miui.ui.version.name
      2⤵
        PID:7066
      • getprop ro.miui.ui.version.name
        2⤵
          PID:7181
        • getprop ro.miui.ui.version.name
          2⤵
            PID:7228
          • getprop ro.miui.ui.version.name
            2⤵
              PID:7286
            • getprop ro.miui.ui.version.name
              2⤵
                PID:7319
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:7352
                • getprop ro.miui.ui.version.name
                  2⤵
                    PID:7391

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/user/0/hhamwcayidnujxczby.pezsfhsnpzpnpfkphodymtcpsp.tntskbjmsd/app_DynamicOptDex/Mfhm.json
                  Filesize

                  695KB

                  MD5

                  fbc591cdfc9384907903aabdf3b789d3

                  SHA1

                  cd323e9e9eee6151692fe3a2281bddbcbc6bdbbb

                  SHA256

                  5cfeb8bdeebe5e9c7066e2b6ea16adc48331e166ca1ac0831c1253ed87606047

                  SHA512

                  37369a333aaf05f87042f05e4387f32727b4196296548ef4f71484859e0c551796b342836133b218d4f6c849724f5fb835842fd0618a75ee791a9905e6416c7e

                  Download Submit

                • /data/user/0/hhamwcayidnujxczby.pezsfhsnpzpnpfkphodymtcpsp.tntskbjmsd/app_DynamicOptDex/Mfhm.json
                  Filesize

                  695KB

                  MD5

                  41c03ceb562697bca859df75b1ca5e3c

                  SHA1

                  e07c832d29157eec1daff82a399788dfd91038bc

                  SHA256

                  dc749d6e0197a2bc3059c3e1b134b3654c3873aeca05acf3d23c62a2f8946a7e

                  SHA512

                  76cb36ae825b3fd8a0f310cca4529f23c4c345c14e4b8cd39feafb45e42499190f20651b0c40eae98461d1232bed64e0d1927765af2ae85bbbab2b2556891eb2

                  Download Submit

                • /data/user/0/hhamwcayidnujxczby.pezsfhsnpzpnpfkphodymtcpsp.tntskbjmsd/app_DynamicOptDex/Mfhm.json
                  Filesize

                  695KB

                  MD5

                  41c03ceb562697bca859df75b1ca5e3c

                  SHA1

                  e07c832d29157eec1daff82a399788dfd91038bc

                  SHA256

                  dc749d6e0197a2bc3059c3e1b134b3654c3873aeca05acf3d23c62a2f8946a7e

                  SHA512

                  76cb36ae825b3fd8a0f310cca4529f23c4c345c14e4b8cd39feafb45e42499190f20651b0c40eae98461d1232bed64e0d1927765af2ae85bbbab2b2556891eb2

                  Download Submit