Overview

overview

10

Static

static

7

4bfa4398a4...04.apk

android_x86

10

4bfa4398a4...04.apk

android_x64

10

4bfa4398a4...04.apk

android_x64

Analysis

  • max time kernel
    4162872s
  • max time network
    172s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    24-05-2022 22:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4bfa4398a44a564fec3411bc7d16ae073a3a5842f01a8c9e74f1127efe264504.apk

  • Size

    2.0MB

  • MD5

    8e6fb76e30ffbc2734d4931d134be5cc

  • SHA1

    d6efd15ccb67cc127061cff665143657dce71407

  • SHA256

    4bfa4398a44a564fec3411bc7d16ae073a3a5842f01a8c9e74f1127efe264504

  • SHA512

    a34f5b54e9d337d994bf64c22efb1c4f88c21b7b6e54a7ad2332e5c6768c6ee85b7153bf9c5aae567d2d7b63c415fe764bfe60c2e7672bdae3f7c392263fd29c

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://zesasar2.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • otqpkp.wdzahlpwzoinswt.nyx
    1⤵
    • Loads dropped Dex/Jar
    PID:6276
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6411
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6501
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6551
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6592

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/user/0/otqpkp.wdzahlpwzoinswt.nyx/app_DynamicOptDex/kMG.json
            Filesize

            708KB

            MD5

            08785702c407660c936c055c6272d818

            SHA1

            a24c52800d915f7aa724ac0fd1c1b7b9ec4eafc7

            SHA256

            f6f2ea94a0c79dd49269d8c0dcfe241c16178d0f217357e9ce061da1291a6295

            SHA512

            77d2b853795c92a65a6277bb7142b7335f4e98240053031f8c69f3483d51fca6dd915282b8c1c6cd0841f32dc767a3d32a3348812b4a9b8dd52213b4c50d0751

            Download Submit

          • /data/user/0/otqpkp.wdzahlpwzoinswt.nyx/app_DynamicOptDex/kMG.json
            Filesize

            708KB

            MD5

            1fdeb4cbd439fe3579477934207bb005

            SHA1

            0bac790f24601f42894bae8c36187a02304f0c0f

            SHA256

            f1a820e468869a415c867a971557fe050230c52254db31b018d9db586b8d4d90

            SHA512

            d3c96b87d0b34b6677b734b65e4e2b5a35f1ef54ba7d36888c9451fc5a731dd9397b835e9a132a54c92d2b0389abb972639669c8c80604a27107213ebc5c793c

            Download Submit

          • /data/user/0/otqpkp.wdzahlpwzoinswt.nyx/app_DynamicOptDex/kMG.json
            Filesize

            708KB

            MD5

            1fdeb4cbd439fe3579477934207bb005

            SHA1

            0bac790f24601f42894bae8c36187a02304f0c0f

            SHA256

            f1a820e468869a415c867a971557fe050230c52254db31b018d9db586b8d4d90

            SHA512

            d3c96b87d0b34b6677b734b65e4e2b5a35f1ef54ba7d36888c9451fc5a731dd9397b835e9a132a54c92d2b0389abb972639669c8c80604a27107213ebc5c793c

            Download Submit

          • /data/user/0/otqpkp.wdzahlpwzoinswt.nyx/app_DynamicOptDex/oat/kMG.json.cur.prof
            MD5

            d41d8cd98f00b204e9800998ecf8427e

            SHA1

            da39a3ee5e6b4b0d3255bfef95601890afd80709

            SHA256

            e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

            SHA512

            cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

            Download Submit