alienbot | 0acfd3af34d9a63890b17708c15eee4e6156194122a884fc19b184c692c9fafa | Triage

Sharing

General

Target

0acfd3af34d9a63890b17708c15eee4e6156194122a884fc19b184c692c9fafa
Size

1.8MB
Sample

220521-d95r1shag2
MD5

f33ddbe58dd4df03fc56ce044a1f57be
SHA1

3046aa24c5489d0b81e141f9953f5e467166b0c8
SHA256

0acfd3af34d9a63890b17708c15eee4e6156194122a884fc19b184c692c9fafa
SHA512

2efea7cfcd6d180e1b6988693713d7a7735b8f301c1de4be24cea2ebf895041caf7f92cf41c20dc8d9555eb492e5de7d997f99f3dfcc5e505f85aadddbbd7e0a

Score

10^/10

alienbot android banker infostealer trojan

Malware Config

Extracted

Family

alienbot

C2

http://installerflas678352.xyz

Targets

- Target
  
  0acfd3af34d9a63890b17708c15eee4e6156194122a884fc19b184c692c9fafa
- Size
  
  1.8MB
- MD5
  
  f33ddbe58dd4df03fc56ce044a1f57be
- SHA1
  
  3046aa24c5489d0b81e141f9953f5e467166b0c8
- SHA256
  
  0acfd3af34d9a63890b17708c15eee4e6156194122a884fc19b184c692c9fafa
- SHA512
  
  2efea7cfcd6d180e1b6988693713d7a7735b8f301c1de4be24cea2ebf895041caf7f92cf41c20dc8d9555eb492e5de7d997f99f3dfcc5e505f85aadddbbd7e0a
Score

10^/10

alienbot banker infostealer trojan
- Alienbot
  Alienbot is a fork of Cerberus banker first seen in January 2020.
  banker trojan infostealer alienbot
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

alienbotbankerinfostealertrojan

behavioral2

alienbotbankerinfostealertrojan

behavioral3