General

  • Target

    64845311c2e7ae9d027175b4b1443d9e039b97aeb1488785935dfe037ad884bd

  • Size

    2.3MB

  • Sample

    220521-d9ycyacahr

  • MD5

    fb9cfbcb8f613960e091d03f62e52078

  • SHA1

    8002498665d45758aa057bef17f91d23ca5d8df8

  • SHA256

    64845311c2e7ae9d027175b4b1443d9e039b97aeb1488785935dfe037ad884bd

  • SHA512

    aaa7365373909a1765f97bcc154db6d273085f44c61e46a487246d21d952c0d3f94dc5182becaedffb138c05918240a2aef5d9e202c74451e00255de5e72a97d

Malware Config

Extracted

Family

alienbot

C2

http://cxmarcellsat.top

Targets

    • Target

      64845311c2e7ae9d027175b4b1443d9e039b97aeb1488785935dfe037ad884bd

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
