General
Target
4bfa4398a44a564fec3411bc7d16ae073a3a5842f01a8c9e74f1127efe264504
Size
2.0MB
Sample
220524-12am8shfc8
MD5
8e6fb76e30ffbc2734d4931d134be5cc
SHA1
d6efd15ccb67cc127061cff665143657dce71407
SHA256
4bfa4398a44a564fec3411bc7d16ae073a3a5842f01a8c9e74f1127efe264504
SHA512
a34f5b54e9d337d994bf64c22efb1c4f88c21b7b6e54a7ad2332e5c6768c6ee85b7153bf9c5aae567d2d7b63c415fe764bfe60c2e7672bdae3f7c392263fd29c
Static task
static1
Behavioral task
behavioral1
Sample
4bfa4398a44a564fec3411bc7d16ae073a3a5842f01a8c9e74f1127efe264504.apk
Resource
android-x86-arm-20220310-en
Behavioral task
behavioral2
Sample
4bfa4398a44a564fec3411bc7d16ae073a3a5842f01a8c9e74f1127efe264504.apk
Resource
android-x64-20220310-en
Behavioral task
behavioral3
Sample
4bfa4398a44a564fec3411bc7d16ae073a3a5842f01a8c9e74f1127efe264504.apk
Resource
android-x64-arm64-20220310-en
Malware Config
Extracted
alienbot
http://zesasar2.com
Targets
Target
4bfa4398a44a564fec3411bc7d16ae073a3a5842f01a8c9e74f1127efe264504
Score
10/10
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
Makes use of the framework's Accessibility service.
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
Removes a system notification.