General

  • Target

    bb0edd9d25bf7deb57c30dee728a76249517893f6c891eb0bace0b2e4b5db6d2

  • Size

    1.9MB

  • Sample

    220521-d9h81shae4

  • MD5

    4bd9cd9b9ea6243dbe839881a5756340

  • SHA1

    5d291d5a979549fb459dfd3395a3d0499b35c610

  • SHA256

    bb0edd9d25bf7deb57c30dee728a76249517893f6c891eb0bace0b2e4b5db6d2

  • SHA512

    d05dd18ef504a7226d1e9057f389c020d37008308897fd4abc599cd26a8a46a1da2f82c51663a9cc3bbc9c23edcd8d78a6c09c29aa8849ad77dd624dc568f6d8

Malware Config

Extracted

  • Family

    alienbot

  • C2

    http://installerflas7865432.xyz

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
