alienbot | 34d686218a7a221d44299d62145d7641f71b8a17321b50cb3884e19f66c04126 | Triage

Sharing

General

Target

34d686218a7a221d44299d62145d7641f71b8a17321b50cb3884e19f66c04126
Size

1.5MB
Sample

220521-d9387acbak
MD5

d8047be7c6a084f2bc08c346073dd8d8
SHA1

0aac337499f8283e7e8d37d9532a2cd5c1422719
SHA256

34d686218a7a221d44299d62145d7641f71b8a17321b50cb3884e19f66c04126
SHA512

0ee5001b1bb84dc97c767bc7e94c30d75436ec772e92bf9f74b4194eeb5d48e0237de593061dfaa07f0d39e1ef2aefc52393d48310e4b952f1ec85e94a6d7fb5

Score

10^/10

alienbot android banker infostealer trojan

Malware Config

Extracted

Family

alienbot

C2

http://elondauned.xyz/

Targets

- Target
  
  34d686218a7a221d44299d62145d7641f71b8a17321b50cb3884e19f66c04126
- Size
  
  1.5MB
- MD5
  
  d8047be7c6a084f2bc08c346073dd8d8
- SHA1
  
  0aac337499f8283e7e8d37d9532a2cd5c1422719
- SHA256
  
  34d686218a7a221d44299d62145d7641f71b8a17321b50cb3884e19f66c04126
- SHA512
  
  0ee5001b1bb84dc97c767bc7e94c30d75436ec772e92bf9f74b4194eeb5d48e0237de593061dfaa07f0d39e1ef2aefc52393d48310e4b952f1ec85e94a6d7fb5
Score

10^/10

alienbot banker infostealer trojan
- Alienbot
  Alienbot is a fork of Cerberus banker first seen in January 2020.
  banker trojan infostealer alienbot
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

alienbotbankerinfostealertrojan

behavioral2

alienbotbankerinfostealertrojan

behavioral3