Overview

overview

10

Static

static

7

2a9e071cfe...62.apk

android_x86

10

2a9e071cfe...62.apk

android_x64

10

2a9e071cfe...62.apk

android_x64

10

Analysis

  • max time kernel
    4171170s
  • max time network
    165s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220310-en
  • submitted
    25/05/2022, 00:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2a9e071cfe01f2ab4ccbb96a5842006fbc29f8c369de6f83ef84212ad0655862.apk

  • Size

    1.9MB

  • MD5

    49a51ccaddafd8674f6a77b33f390ac9

  • SHA1

    4fa6ff4b62ae881de087323fb8122804cfaf8b58

  • SHA256

    2a9e071cfe01f2ab4ccbb96a5842006fbc29f8c369de6f83ef84212ad0655862

  • SHA512

    666d180d815753b31e98a5419a38327c0e2f1fc19000f7bef90c6c15a2b961d6ea7cdce5bd6e540c3832233c29189ff6d9c40fe8337dc875ea6acde6b7e52828

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://ssssssthaniyokmugulduren.site

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • uzhhpwdsatyxjjbk.pkui.iztjgplknhhdwxoikmcmhoqgac
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:6980
    • getprop ro.miui.ui.version.name
      2⤵
        PID:7162
      • getprop ro.miui.ui.version.name
        2⤵
          PID:7284
        • getprop ro.miui.ui.version.name
          2⤵
            PID:7336
          • getprop ro.miui.ui.version.name
            2⤵
              PID:7374
            • getprop ro.miui.ui.version.name
              2⤵
                PID:7405
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:7452

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /data/user/0/uzhhpwdsatyxjjbk.pkui.iztjgplknhhdwxoikmcmhoqgac/app_DynamicOptDex/CkKb.json
                Filesize

                692KB

                MD5

                67447d817cff9ff36ad894dd40bc98e9

                SHA1

                e272be7c15c0cbd3fc5cd96489afc92e030c500b

                SHA256

                ab8cd6678b9dba10b730d7a92796e652787b17132f1307a53716456f99f988be

                SHA512

                4cf3e581383cbab8804ee98eca6c9f393f515ac63f2f3c7512838e5edd33cf67b4aef66d1ceefe6216ac5dbcb52a8d8b345eb679510fe16081d065c4e8be166d

                Download Submit

              • /data/user/0/uzhhpwdsatyxjjbk.pkui.iztjgplknhhdwxoikmcmhoqgac/app_DynamicOptDex/CkKb.json
                Filesize

                692KB

                MD5

                30833ea44ac5b326e921feb083bcccaa

                SHA1

                245b0c7072630f8b95293dc70463d1b308d6ad3b

                SHA256

                76306187185173da1c5b9d970ddf7ad6107544b58468dbdcbe7a9c7e6c43c3c0

                SHA512

                234fccaeb1bcf591603685fe213f2d3668c2e28d063c363b53086161838096cf3855565c2bc9a9c73281499dad2af2ed48ed5f70b985f49eb7ddc6b7ec6a7864

                Download Submit

              • /data/user/0/uzhhpwdsatyxjjbk.pkui.iztjgplknhhdwxoikmcmhoqgac/app_DynamicOptDex/CkKb.json
                Filesize

                692KB

                MD5

                30833ea44ac5b326e921feb083bcccaa

                SHA1

                245b0c7072630f8b95293dc70463d1b308d6ad3b

                SHA256

                76306187185173da1c5b9d970ddf7ad6107544b58468dbdcbe7a9c7e6c43c3c0

                SHA512

                234fccaeb1bcf591603685fe213f2d3668c2e28d063c363b53086161838096cf3855565c2bc9a9c73281499dad2af2ed48ed5f70b985f49eb7ddc6b7ec6a7864

                Download Submit