Overview

overview

10

Static

static

7

60bd8249eb...1a.apk

android_x86

10

60bd8249eb...1a.apk

android_x64

10

60bd8249eb...1a.apk

android_x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    60bd8249ebbf145ecf0d599add9ce8c94fcbab05d5af1332a27fdbe74264101a

  • Size

    1.9MB

  • Sample

    220521-d9y98shaf3

  • MD5

    ee64138f0b44fa9608ffdc180b5a6f5b

  • SHA1

    70de78da20b72180198c64e0af01491f4aebeec4

  • SHA256

    60bd8249ebbf145ecf0d599add9ce8c94fcbab05d5af1332a27fdbe74264101a

  • SHA512

    925dd962ef93ce598f57f8849627e0142a17515b92dfd2a0f2817169fddd5132aac9af54a49f6ad870de31973993410b9daf0be72aef092dc8e76f67976a6211

Score
10/10
alienbotandroidbankerevasioninfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://installerflas7865432.xyz

Targets

    • Target

      60bd8249ebbf145ecf0d599add9ce8c94fcbab05d5af1332a27fdbe74264101a

    • Size

      1.9MB

    • MD5

      ee64138f0b44fa9608ffdc180b5a6f5b

    • SHA1

      70de78da20b72180198c64e0af01491f4aebeec4

    • SHA256

      60bd8249ebbf145ecf0d599add9ce8c94fcbab05d5af1332a27fdbe74264101a

    • SHA512

      925dd962ef93ce598f57f8849627e0142a17515b92dfd2a0f2817169fddd5132aac9af54a49f6ad870de31973993410b9daf0be72aef092dc8e76f67976a6211

    Score
    10/10
    alienbotbankerevasioninfostealertrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks