alienbot | af1d1415d8dc8373d42d90a6218fd5d5bcd947239c9ac073cea8209ef534d5e0 | Triage

Sharing

General

Target

af1d1415d8dc8373d42d90a6218fd5d5bcd947239c9ac073cea8209ef534d5e0
Size

1.7MB
Sample

220521-d9jvjscagp
MD5

5be463c7c7a6ab1ec5e88daadd155a95
SHA1

5290898760157f49137d1e143d350a75ffe39dd6
SHA256

af1d1415d8dc8373d42d90a6218fd5d5bcd947239c9ac073cea8209ef534d5e0
SHA512

74461118c37412e7d7241c8cb43af3dd211d86099a27af42f938a79fcdf8b83ce8b292df6c6212cfb369100832e2bed5a92c65494014a1d542d1b350b965f8e5

Score

10^/10

alienbot android banker infostealer trojan

Malware Config

Extracted

Family

alienbot

C2

http://benicildirtmeyinkoyarimsi.site

Targets

- Target
  
  af1d1415d8dc8373d42d90a6218fd5d5bcd947239c9ac073cea8209ef534d5e0
- Size
  
  1.7MB
- MD5
  
  5be463c7c7a6ab1ec5e88daadd155a95
- SHA1
  
  5290898760157f49137d1e143d350a75ffe39dd6
- SHA256
  
  af1d1415d8dc8373d42d90a6218fd5d5bcd947239c9ac073cea8209ef534d5e0
- SHA512
  
  74461118c37412e7d7241c8cb43af3dd211d86099a27af42f938a79fcdf8b83ce8b292df6c6212cfb369100832e2bed5a92c65494014a1d542d1b350b965f8e5
Score

10^/10

alienbot banker infostealer trojan
- Alienbot
  Alienbot is a fork of Cerberus banker first seen in January 2020.
  banker trojan infostealer alienbot
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

alienbotbankerinfostealertrojan

behavioral2

alienbotbankerinfostealertrojan

behavioral3