Overview

overview

10

Static

static

7

f6f8556893...a3.apk

android_x86

10

f6f8556893...a3.apk

android_x64

10

f6f8556893...a3.apk

android_x64

10

Analysis

  • max time kernel
    4138547s
  • max time network
    164s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    24/05/2022, 14:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f6f8556893eed8e97c92c7d7043a1cb4f14481d43e81c780fc197b3d0291b2a3.apk

  • Size

    1.4MB

  • MD5

    493f2107a91f649cbc0e2409e809aa42

  • SHA1

    c1502b9453a5b5a95f9f4357868bd8158913a682

  • SHA256

    f6f8556893eed8e97c92c7d7043a1cb4f14481d43e81c780fc197b3d0291b2a3

  • SHA512

    4fd29abced69840f3117873350df690eea4833fedc8161b18a1382bd06a838f7e920e4f0fa04a9c6e074f2dca9960bdaa90468d660de1fc06a35b69ee032a308

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://easy13.ru.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • oydokcng.nsp.xzkcidsubcn
    1⤵
    • Loads dropped Dex/Jar
    PID:6170
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6276
      • getprop ro.miui.ui.version.name
        2⤵
          PID:7080

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/oydokcng.nsp.xzkcidsubcn/app_DynamicOptDex/LiiMkp.json
        Filesize

        679KB

        MD5

        68b14959a371cabacfb2080f78957ce3

        SHA1

        cd5d773815d018155072b1cdd066e71fd6f56772

        SHA256

        0bba5a876e540a2e79c0584f819fd1b7e8cda94500304d99258dc7c66ce7b0dd

        SHA512

        352607382a588ff3203af943e9817f0c2a8243257dc1b0e9b869a4b4881f5cc12170daf124694ef50485395e71d0b8573c58cafe4007598802e4d9b03f1be61c

        Download Submit

      • /data/user/0/oydokcng.nsp.xzkcidsubcn/app_DynamicOptDex/LiiMkp.json
        Filesize

        679KB

        MD5

        15bf46db77d19affd812057584d54a8e

        SHA1

        8a13c73c829c3cc86c834d064b9b8daf49b8e8b1

        SHA256

        cf2a4c95714fdcf6e82f641b0465488a3077a55c516b8ad626dac370eb59f243

        SHA512

        f0f4b06af52a0fb4b7e211320fe1ca894c51bfa39f93dc40f3bf8b52952acac1a37e9b1e91fab03a7228127af75e25429e1448526f31eabea71a79cb5d2db402

        Download Submit

      • /data/user/0/oydokcng.nsp.xzkcidsubcn/app_DynamicOptDex/LiiMkp.json
        Filesize

        679KB

        MD5

        15bf46db77d19affd812057584d54a8e

        SHA1

        8a13c73c829c3cc86c834d064b9b8daf49b8e8b1

        SHA256

        cf2a4c95714fdcf6e82f641b0465488a3077a55c516b8ad626dac370eb59f243

        SHA512

        f0f4b06af52a0fb4b7e211320fe1ca894c51bfa39f93dc40f3bf8b52952acac1a37e9b1e91fab03a7228127af75e25429e1448526f31eabea71a79cb5d2db402

        Download Submit