General

  • Target

    7bb2cbfb8a3487329d20ffec840ed7a10146c24fb7a04ff4dcd72160a3b57dc2

  • Size

    1.7MB

  • Sample

    220521-d9lddacagq

  • MD5

    1b9c8db2545db6103bc884165220d8ed

  • SHA1

    7ccabd03e29808fc11a282c4c438a54733d876fb

  • SHA256

    7bb2cbfb8a3487329d20ffec840ed7a10146c24fb7a04ff4dcd72160a3b57dc2

  • SHA512

    e1ca640270c3c509c9444a693a01a0c4c0fb313c51f9cec0119a8cc795cccca0a783398fbcf822f87eb02fcdc618edc2e4eb2cd25e0bce13f37262fb3fdd8fc0

Malware Config

Extracted

  • Family

    alienbot

  • C2

    http://installerflas678352.xyz

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
