Overview

overview

10

Static

static

7

8222a65aa1...24.apk

android_x86

10

8222a65aa1...24.apk

android_x64

10

8222a65aa1...24.apk

android_x64

1

Analysis

  • max time kernel
    4162888s
  • max time network
    162s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    24-05-2022 22:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8222a65aa1afe3ec8cfd2cf2d881f5c2e32806985d581b61e3c46ae128ef9824.apk

  • Size

    1.3MB

  • MD5

    e8153c869f2922843040f31f08ad7c9f

  • SHA1

    f8bd31a3136b0c86df586a2644bd24ee317f7dec

  • SHA256

    8222a65aa1afe3ec8cfd2cf2d881f5c2e32806985d581b61e3c46ae128ef9824

  • SHA512

    a63eb9c4a14f85df2db6cc844fceac9f71f3af4c808c5749fe68b55b6615521f1bf5112f5878309a9f09e5a8e65abbe1f3cf7296602e79f154f923c192382bce

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://cantapol.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • lhlelwktbbxs.hyrimkrqzmaidzabwwzxzx.epleoxoqwrgults
    1⤵
    • Loads dropped Dex/Jar
    PID:6168
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6291
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6427

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/lhlelwktbbxs.hyrimkrqzmaidzabwwzxzx.epleoxoqwrgults/app_DynamicOptDex/IYdUlg.json
        Filesize

        691KB

        MD5

        2c35f2c67b82b3b7ec8897d51f2da432

        SHA1

        6b9fa2d60a1620c10f6b6bbae542e66136f01c21

        SHA256

        eeea3657835227ba5ac74f769f6d714e94b63780279c83fb1142892e5bfb225a

        SHA512

        8d383042cddc7bdcd95faecd5d8faf507bb5a236b9d75a197a2245710fa2d279e00b0c005819a02a2220dd43e861be49412f4b97a40ed3215bcdbda8a39cc149

        Download Submit

      • /data/user/0/lhlelwktbbxs.hyrimkrqzmaidzabwwzxzx.epleoxoqwrgults/app_DynamicOptDex/IYdUlg.json
        Filesize

        691KB

        MD5

        93d58d06858f29cbf7712c90d9e0dd8f

        SHA1

        9d79298945408b9a271c057dc4b27791267ab431

        SHA256

        cf2868e1d14db5000f7e5121de58af17b0192d547352a1a38b2ab671977124bf

        SHA512

        458e615df7d3d5cba3224e420c6b651da1cb2735c54f9ee823d39ebf92e13f27f4a43f15d3eb9fb432d2ced2b55568c859a0cc782bfe338761fe12d2681463e6

        Download Submit

      • /data/user/0/lhlelwktbbxs.hyrimkrqzmaidzabwwzxzx.epleoxoqwrgults/app_DynamicOptDex/IYdUlg.json
        Filesize

        691KB

        MD5

        93d58d06858f29cbf7712c90d9e0dd8f

        SHA1

        9d79298945408b9a271c057dc4b27791267ab431

        SHA256

        cf2868e1d14db5000f7e5121de58af17b0192d547352a1a38b2ab671977124bf

        SHA512

        458e615df7d3d5cba3224e420c6b651da1cb2735c54f9ee823d39ebf92e13f27f4a43f15d3eb9fb432d2ced2b55568c859a0cc782bfe338761fe12d2681463e6

        Download Submit

      • /data/user/0/lhlelwktbbxs.hyrimkrqzmaidzabwwzxzx.epleoxoqwrgults/app_DynamicOptDex/oat/IYdUlg.json.cur.prof
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit