Overview

overview

10

Static

static

7

bdb76f13ac...5c.apk

android_x86

10

bdb76f13ac...5c.apk

android_x64

10

bdb76f13ac...5c.apk

android_x64

Analysis

  • max time kernel
    3869144s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    21/05/2022, 12:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bdb76f13ac95ef5c3612f7c3dfe5b2146e52ba80c9fcf66a46e7830ca041485c.apk

  • Size

    1.5MB

  • MD5

    4904d6f6da2cd5baa2845c1f0adb0796

  • SHA1

    64e207b60832d0ccab8b42ca91422e920b660ab5

  • SHA256

    bdb76f13ac95ef5c3612f7c3dfe5b2146e52ba80c9fcf66a46e7830ca041485c

  • SHA512

    e52e692205696b570f19f46eb4e08f45ac1786b9cc4f63085446b29b6b325b3dc3d7c79e1d8af34d6116dbf2c022ab3adfa2634dfd24ba1e22a11313ab52db80

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://installerflas453873.xyz

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • rmpxxlngiacdxkzxgcprkilyk.dtejrdld.chlrflkcbagzktt
    1⤵
    • Loads dropped Dex/Jar
    PID:6301
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6385
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6476
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6528
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6570
            • getprop ro.miui.ui.version.name
              2⤵
                PID:6627
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:6665

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /data/user/0/rmpxxlngiacdxkzxgcprkilyk.dtejrdld.chlrflkcbagzktt/app_DynamicOptDex/uu.json
                Filesize

                716KB

                MD5

                9ba09aaeac9b1def5b0045f537854b3f

                SHA1

                4274836ba0ba378a404470bc668830c6d6c2b63b

                SHA256

                921a7a616d3898f6391c602ce74a44b29a4c3232c8b8d717d51271f96d82446b

                SHA512

                f28d23182d6db841ac1ccf08b9563e4999fc077bb651ff020d89c15979c02187ff694695ad6d488adfa1195ac68ab32bc60f7654ecd9e35d8114be7d69d6c01b

                Download Submit

              • /data/user/0/rmpxxlngiacdxkzxgcprkilyk.dtejrdld.chlrflkcbagzktt/app_DynamicOptDex/uu.json
                Filesize

                716KB

                MD5

                019b916ef1e0cbccb6c763ea6359f490

                SHA1

                1cdd5266923099bbd405e0aabd1b0b685af25ee7

                SHA256

                e1fff1294ab5d1e9be15cc88ce46e22e4b2fad8a57e3d70cf4b10e85fcbaa15b

                SHA512

                1a00cce6c0d77d32a67552018db16344fc25ac2c66939cb71d4e47001eeeca053e320290f8e5788ea0cc270fd0d0f3d938d3cd9880f46b4ad688558a8de88580

                Download Submit

              • /data/user/0/rmpxxlngiacdxkzxgcprkilyk.dtejrdld.chlrflkcbagzktt/app_DynamicOptDex/uu.json
                Filesize

                716KB

                MD5

                019b916ef1e0cbccb6c763ea6359f490

                SHA1

                1cdd5266923099bbd405e0aabd1b0b685af25ee7

                SHA256

                e1fff1294ab5d1e9be15cc88ce46e22e4b2fad8a57e3d70cf4b10e85fcbaa15b

                SHA512

                1a00cce6c0d77d32a67552018db16344fc25ac2c66939cb71d4e47001eeeca053e320290f8e5788ea0cc270fd0d0f3d938d3cd9880f46b4ad688558a8de88580

                Download Submit