General

  • Target

    bc882bec0ec2e4c41c50b89153e36d31ee3d47028c7703bfc1488e05732d7ef9

  • Size

    1.7MB

  • Sample

    220521-d9vbaacahm

  • MD5

    21b543378713458253e1b616d80a6b08

  • SHA1

    84488d46e4b996f5f3aade805a8c7742436f919b

  • SHA256

    bc882bec0ec2e4c41c50b89153e36d31ee3d47028c7703bfc1488e05732d7ef9

  • SHA512

    45e92649c48a9e4bcd39b719d508453f6ade966c8bbf3163cc8f28de9f3f84bcb0a881d673f2d17f37fc2c700b8e25ac0974ae15014b68e207c0f2e35a807355

Malware Config

Extracted

Family

alienbot

C2

http://bulan337.site

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
