General
-
Target
a8f523a87a256f37024a21e649ae249b268a1c7a8c2dc8039fe12f1176d5c407
-
Size
1.9MB
-
Sample
220521-eaam9shag7
-
MD5
7c1cc8dab40e4ccdc5b1e39c7f21b488
-
SHA1
8e24be698fe715a9e488a1cc8741b0bfb9bd4ff7
-
SHA256
a8f523a87a256f37024a21e649ae249b268a1c7a8c2dc8039fe12f1176d5c407
-
SHA512
b4d497dd039f4ed8e605b468e23ed742949c7950e6c2c9e8fe888770b492d0b2b91fcc9735478c6151ff90288a8573f5360e1238200b99dccfb4f0c54b91f3f3
Malware Config
Extracted
alienbot
http://anycastedprivacd.top
Targets
-
-
Target
a8f523a87a256f37024a21e649ae249b268a1c7a8c2dc8039fe12f1176d5c407
-
Size
1.9MB
-
MD5
7c1cc8dab40e4ccdc5b1e39c7f21b488
-
SHA1
8e24be698fe715a9e488a1cc8741b0bfb9bd4ff7
-
SHA256
a8f523a87a256f37024a21e649ae249b268a1c7a8c2dc8039fe12f1176d5c407
-
SHA512
b4d497dd039f4ed8e605b468e23ed742949c7950e6c2c9e8fe888770b492d0b2b91fcc9735478c6151ff90288a8573f5360e1238200b99dccfb4f0c54b91f3f3
Score10/10-
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
-
Makes use of the framework's Accessibility service.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Removes a system notification.
-