General
Target
624f853986bf978c4057ee854aa065e9ac77acddf09c36fc44f08e5212cb261b
Size
1.4MB
Sample
220523-zg4j5sahdp
MD5
3ada696b6591342ef85d260cafe217ab
SHA1
62a0eba5c5882143ea0b4def82e4432ff749d1b4
SHA256
624f853986bf978c4057ee854aa065e9ac77acddf09c36fc44f08e5212cb261b
SHA512
497571dd44820aaab616389baee5c75008dc5f86866b7fe34ab4b8168a9ddd508ec409fac7a47d43c0cfe9f4c4bd6538e158cc7939d7421c228022f641f8ab55
Static task
static1
Behavioral task
behavioral1
Sample
624f853986bf978c4057ee854aa065e9ac77acddf09c36fc44f08e5212cb261b.apk
Resource
android-x86-arm-20220310-en
Behavioral task
behavioral2
Sample
624f853986bf978c4057ee854aa065e9ac77acddf09c36fc44f08e5212cb261b.apk
Resource
android-x64-20220310-en
Behavioral task
behavioral3
Sample
624f853986bf978c4057ee854aa065e9ac77acddf09c36fc44f08e5212cb261b.apk
Resource
android-x64-arm64-20220310-en
Malware Config
Extracted
alienbot
http://seversin.space
Targets
Target
624f853986bf978c4057ee854aa065e9ac77acddf09c36fc44f08e5212cb261b
Score 10/10
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
Makes use of the framework's Accessibility service.
Acquires the wake lock.
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
Removes a system notification.