Overview

overview

10

Static

static

7

a8f523a87a...07.apk

android_x86

10

a8f523a87a...07.apk

android_x64

10

a8f523a87a...07.apk

android_x64

10

Analysis

  • max time kernel
    3844169s
  • max time network
    161s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    21/05/2022, 03:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a8f523a87a256f37024a21e649ae249b268a1c7a8c2dc8039fe12f1176d5c407.apk

  • Size

    1.9MB

  • MD5

    7c1cc8dab40e4ccdc5b1e39c7f21b488

  • SHA1

    8e24be698fe715a9e488a1cc8741b0bfb9bd4ff7

  • SHA256

    a8f523a87a256f37024a21e649ae249b268a1c7a8c2dc8039fe12f1176d5c407

  • SHA512

    b4d497dd039f4ed8e605b468e23ed742949c7950e6c2c9e8fe888770b492d0b2b91fcc9735478c6151ff90288a8573f5360e1238200b99dccfb4f0c54b91f3f3

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://anycastedprivacd.top

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • ajbyekerlpgckplfycmmjrk.fenbiyftnmcheehorjpsi.kmgdjuiuqijdumlflrqhgnmm
    1⤵
    • Loads dropped Dex/Jar
    PID:6221
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6381
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6465
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6517
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6570
            • getprop ro.miui.ui.version.name
              2⤵
                PID:6604
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:6652
                • getprop ro.miui.ui.version.name
                  2⤵
                    PID:6707

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/user/0/ajbyekerlpgckplfycmmjrk.fenbiyftnmcheehorjpsi.kmgdjuiuqijdumlflrqhgnmm/app_DynamicOptDex/LkQ.json
                  Filesize

                  706KB

                  MD5

                  fd33868c6b381eae4369fa17d35fbdce

                  SHA1

                  da4b083fc86011d230012451321478685bc2b0dd

                  SHA256

                  04099eed234f209108585df56db7f9f755cc434ba8e1a57c332658c7fc00f70a

                  SHA512

                  e9136c0e0f51ee1ff4a31769c33c827b86578a57315aa302c17fa633a3f723fb1c2b11eb7a4f539e55a5f12be1669c7bbdcdba825b892d7875088a1c3ca1a3cf

                  Download Submit

                • /data/user/0/ajbyekerlpgckplfycmmjrk.fenbiyftnmcheehorjpsi.kmgdjuiuqijdumlflrqhgnmm/app_DynamicOptDex/LkQ.json
                  Filesize

                  706KB

                  MD5

                  38f98bd63dba5d7813f50886b3fcea24

                  SHA1

                  70a32544c388477e1bbfd3b8519ba2583b9bfb22

                  SHA256

                  84c134d08691de69300aca697bc8af73725085eaae7024847c269c03e59f7e99

                  SHA512

                  9d3630019812a2b86df47b018cce6e0c1efcafc52a0f824fa328e30d33a6589d74a266c00f39662972f2a3e38315c6312d962ffb3aff49a78686a626406f2ae4

                  Download Submit

                • /data/user/0/ajbyekerlpgckplfycmmjrk.fenbiyftnmcheehorjpsi.kmgdjuiuqijdumlflrqhgnmm/app_DynamicOptDex/LkQ.json
                  Filesize

                  706KB

                  MD5

                  38f98bd63dba5d7813f50886b3fcea24

                  SHA1

                  70a32544c388477e1bbfd3b8519ba2583b9bfb22

                  SHA256

                  84c134d08691de69300aca697bc8af73725085eaae7024847c269c03e59f7e99

                  SHA512

                  9d3630019812a2b86df47b018cce6e0c1efcafc52a0f824fa328e30d33a6589d74a266c00f39662972f2a3e38315c6312d962ffb3aff49a78686a626406f2ae4

                  Download Submit