General

  • Target

    25f8c85774f2c0cfb7122f2a1de2301498c70c239a42d0cd9399c904c22a35b9

  • Size

    1.4MB

  • Sample

    220521-d9qyvscahk

  • MD5

    7557a88cf8e930d33675a1cf2a3ca0f0

  • SHA1

    dff8dd372f1d3137bb41820f89b67acecb7204c1

  • SHA256

    25f8c85774f2c0cfb7122f2a1de2301498c70c239a42d0cd9399c904c22a35b9

  • SHA512

    3d8214805293c47ed91b40653619396d1a82a9310a27c7979723a0f3b5d7d67c198802f534ba98ac882d5090c9913b7e930335edf13a7a4a658c8cdb9d4feed8

Malware Config

Extracted

Family

alienbot

C2

http://alskdalksdlaksdjlaigpopoinojasg.info/

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
