General

  • Target

    212bdaccf3bb834508f9be5fba58711c6407d4697577e3e3df8e0d37ac7d86ff

  • Size

    2.1MB

  • Sample

    220521-pkep3sfdh7

  • MD5

    94f80ef8636c50c1293e70ba0f868585

  • SHA1

    a9ffb027facf7e2019e6c7d552e2c3c6926f7527

  • SHA256

    212bdaccf3bb834508f9be5fba58711c6407d4697577e3e3df8e0d37ac7d86ff

  • SHA512

    519ab3643d693e1bfc0249ab5e0b31c0c2b52503996db885fb9ba8d5765af976ac9ff7734a247cfa3c6aa5214b9968ecedb6630a2e207ef4e78f4a00bb658c2a

Malware Config

Extracted

Family

alienbot

C2

http://newgenerationn.com

Targets

    • Target

      212bdaccf3bb834508f9be5fba58711c6407d4697577e3e3df8e0d37ac7d86ff

    • Size

      2.1MB

    • MD5

      94f80ef8636c50c1293e70ba0f868585

    • SHA1

      a9ffb027facf7e2019e6c7d552e2c3c6926f7527

    • SHA256

      212bdaccf3bb834508f9be5fba58711c6407d4697577e3e3df8e0d37ac7d86ff

    • SHA512

      519ab3643d693e1bfc0249ab5e0b31c0c2b52503996db885fb9ba8d5765af976ac9ff7734a247cfa3c6aa5214b9968ecedb6630a2e207ef4e78f4a00bb658c2a

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

MITRE ATT&CK Matrix

Tasks