Overview

overview

10

Static

static

7

cea4d343c8...dc.apk

android_x86

10

cea4d343c8...dc.apk

android_x64

10

cea4d343c8...dc.apk

android_x64

10

Analysis

  • max time kernel
    4141480s
  • max time network
    158s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220310-en
  • submitted
    24/05/2022, 15:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cea4d343c84bfa963dc830ab6e567089f96c615a55c21994370e16e2d787e1dc.apk

  • Size

    1.8MB

  • MD5

    95bc5358059a5fa399dd8444700f9795

  • SHA1

    404559862ef2f8b7d55bf32f44ec9036cd82f02b

  • SHA256

    cea4d343c84bfa963dc830ab6e567089f96c615a55c21994370e16e2d787e1dc

  • SHA512

    3e4b423da42705d3fefe68d93e870596d45cf61e39a9590011bdca1b00c2cc259416575f2b0397fc752ca5dadb2c5947fdcf562f7b846cb2696b95a3525f61c6

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://opsela1.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • onqiuulgxeq.geteqoysbmoszsfarkupcddua.paweshakhlamhejgqpi
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:6984
    • getprop ro.miui.ui.version.name
      2⤵
        PID:7167
      • getprop ro.miui.ui.version.name
        2⤵
          PID:7297
        • getprop ro.miui.ui.version.name
          2⤵
            PID:7345
          • getprop ro.miui.ui.version.name
            2⤵
              PID:7393
            • getprop ro.miui.ui.version.name
              2⤵
                PID:7433
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:7468
                • getprop ro.miui.ui.version.name
                  2⤵
                    PID:7508

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/user/0/onqiuulgxeq.geteqoysbmoszsfarkupcddua.paweshakhlamhejgqpi/app_DynamicOptDex/JZ.json
                  Filesize

                  667KB

                  MD5

                  06dba77e88e36e60694709ab5f689a5f

                  SHA1

                  c18e7397e9cd415d23eb1534cd984bb4b41f6e65

                  SHA256

                  f9fa6bbd013fee23b78e1d56a29048f913da86d612f78c4af1663196a7e87cee

                  SHA512

                  13cae7334a3e91eb572e297259ed9d334b27d8122ac9e421f068e136e0d05211b68a805953de8f82d96fc3e8f25b4057652f34c6c8f89032a4f23dcae8391944

                  Download Submit

                • /data/user/0/onqiuulgxeq.geteqoysbmoszsfarkupcddua.paweshakhlamhejgqpi/app_DynamicOptDex/JZ.json
                  Filesize

                  667KB

                  MD5

                  06dba77e88e36e60694709ab5f689a5f

                  SHA1

                  c18e7397e9cd415d23eb1534cd984bb4b41f6e65

                  SHA256

                  f9fa6bbd013fee23b78e1d56a29048f913da86d612f78c4af1663196a7e87cee

                  SHA512

                  13cae7334a3e91eb572e297259ed9d334b27d8122ac9e421f068e136e0d05211b68a805953de8f82d96fc3e8f25b4057652f34c6c8f89032a4f23dcae8391944

                  Download Submit