General

  • Target

    b42ec19475e98db546602bd04ad0e923fcdf760bb8c27b21aead4d5ce4e45bc6

  • Size

    1.9MB

  • Sample

    220521-d9n49scahj

  • MD5

    1afd5a2c7d9ac94fec03b436e034396e

  • SHA1

    09b408504c9fbb17158a3a895b2aed606a035b8c

  • SHA256

    b42ec19475e98db546602bd04ad0e923fcdf760bb8c27b21aead4d5ce4e45bc6

  • SHA512

    0da11c41acde96ba42514f165eda55c59d03e53d67f23f777aeaaa6cb17b2ebf14940e7df1adedcc458f207c0b514a5b665c9387aee3e838bd2e6596e0dd5a6f

Malware Config

Extracted

  • Family

    alienbot

  • C2

    http://installerflas7865432.xyz

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
