Overview

overview

10

Static

static

7

0258fc4cb7...80.apk

android_x86

10

0258fc4cb7...80.apk

android_x64

10

0258fc4cb7...80.apk

android_x64

10

Analysis

  • max time kernel
    4074797s
  • max time network
    150s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    23/05/2022, 21:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0258fc4cb74f7ed7f80b584df34583b309dff5d438c0e14c06dc1d3943d8ec80.apk

  • Size

    1.5MB

  • MD5

    0de236017a40cc9de91fe1072ac38cd0

  • SHA1

    06cbd0a6495fbce0acb01d7c1b1b28b95bf8bcb3

  • SHA256

    0258fc4cb74f7ed7f80b584df34583b309dff5d438c0e14c06dc1d3943d8ec80

  • SHA512

    ab77e7f31c3871c909aef2d0466a25d321f6a7098370e4348b7dd8196c940609a5fcbd5677a7d9ad8da6cae8a62e8bb47ae84419504d1a449c4eed73ce16de3c

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://odry.london

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • tfcqzk.lofst.hkgkaucmthtsmy
    1⤵
    • Loads dropped Dex/Jar
    PID:6297
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6424
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6511
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6562
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6605

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/user/0/tfcqzk.lofst.hkgkaucmthtsmy/app_DynamicOptDex/ujTe.json
            Filesize

            691KB

            MD5

            051b874de4dfbea6f5c73a99a9e9c3e3

            SHA1

            d7585e5ebfaf8955ce6294ac1fedffa5ff0623c4

            SHA256

            46bbc527f8b8aee00544f90447679242ca71b883879bac0ceabfe967f469e4f7

            SHA512

            0ed118e5a674e66d3b6e490e222c9131dd6cdbfd73389b12687ee2560c85785af71456e8087b2afab6dc7e4b556fc668f200dd48186f1792f2486120628b4448

            Download Submit

          • /data/user/0/tfcqzk.lofst.hkgkaucmthtsmy/app_DynamicOptDex/ujTe.json
            Filesize

            691KB

            MD5

            d9769c25bc619c107d177bfdf92a45ee

            SHA1

            5a55ac71a8316b6e5e26c51b9ef02cdf8eafb04a

            SHA256

            f67098ce6e7f0ea6cb2809f5c7215c479489a68936992cf41db690ec92d1f233

            SHA512

            d29b4db99a5148f5b72c96d77aeb6a7b6d353acf772f328b99fa6d8d9d7cdce6a69216673376d3dca9601102879b560bd0879e69b4116d40d199f1cf6cce2756

            Download Submit

          • /data/user/0/tfcqzk.lofst.hkgkaucmthtsmy/app_DynamicOptDex/ujTe.json
            Filesize

            691KB

            MD5

            d9769c25bc619c107d177bfdf92a45ee

            SHA1

            5a55ac71a8316b6e5e26c51b9ef02cdf8eafb04a

            SHA256

            f67098ce6e7f0ea6cb2809f5c7215c479489a68936992cf41db690ec92d1f233

            SHA512

            d29b4db99a5148f5b72c96d77aeb6a7b6d353acf772f328b99fa6d8d9d7cdce6a69216673376d3dca9601102879b560bd0879e69b4116d40d199f1cf6cce2756

            Download Submit