General

  • Target

    e286a0b5913a538de6b6561c550d5d627cbc7389c77f365a43e6c0da03838e7c

  • Size

    2.0MB

  • Sample

    220521-pj3qhsfdg6

  • MD5

    a1905125d2be3cd838cbbcdab9be328a

  • SHA1

    0b98ef4b256b606b23102224149dab2bab0b1100

  • SHA256

    e286a0b5913a538de6b6561c550d5d627cbc7389c77f365a43e6c0da03838e7c

  • SHA512

    508bd80bb5edfd7d7c42b2b4e4c65b15d10a5df78b900858cfb3dcfcb5d59a0c269fd3697f75c2dc5c5f44139d8fca181191e4b91dc1ba9ada63f118a0fedf19

Malware Config

Extracted

Family

alienbot

C2

http://coktanunuutuurduum.top

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
