Overview

overview

10

Static

static

7

66427521c5...d9.apk

android_x86

10

66427521c5...d9.apk

android_x64

10

66427521c5...d9.apk

android_x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    66427521c50cd888548749f8527a3b503e9f381e49715a8c6d080689f22f3ad9

  • Size

    1.5MB

  • Sample

    220521-pj95laafep

  • MD5

    26628cea0f6730e49a1e527a7354d41f

  • SHA1

    78270866aeb9e03a2b7564da3101af46d46762cd

  • SHA256

    66427521c50cd888548749f8527a3b503e9f381e49715a8c6d080689f22f3ad9

  • SHA512

    631cb3afddf13be8aefcb485ececaea1212ef82add7f7f3db8f17e00e584f6adde56df88b28da2e6720d1ea437b40c27b99c01ff66c00beb8b01606c758a5edb

Score
10/10
alienbotandroidbankerevasioninfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://tambuland7.live

Targets

    • Target

      66427521c50cd888548749f8527a3b503e9f381e49715a8c6d080689f22f3ad9

    • Size

      1.5MB

    • MD5

      26628cea0f6730e49a1e527a7354d41f

    • SHA1

      78270866aeb9e03a2b7564da3101af46d46762cd

    • SHA256

      66427521c50cd888548749f8527a3b503e9f381e49715a8c6d080689f22f3ad9

    • SHA512

      631cb3afddf13be8aefcb485ececaea1212ef82add7f7f3db8f17e00e584f6adde56df88b28da2e6720d1ea437b40c27b99c01ff66c00beb8b01606c758a5edb

    Score
    10/10
    alienbotbankerevasioninfostealertrojan

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

      bankertrojaninfostealeralienbot

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks