alienbot | 8dddbe4079d5eb830bf11f4ddd35fc130f7afb976c02093b1dba02871f8a5de8 | Triage

Sharing

General

Target

8dddbe4079d5eb830bf11f4ddd35fc130f7afb976c02093b1dba02871f8a5de8
Size

2.0MB
Sample

220525-cfxnwabddj
MD5

76302ac72439a563aa09c2621f1c3504
SHA1

2441499e96481be6a206df7828435005abc9ccdf
SHA256

8dddbe4079d5eb830bf11f4ddd35fc130f7afb976c02093b1dba02871f8a5de8
SHA512

808c64b96b777188d7941b068af696a29652b82840a1a9c7a6bd1c38ef9ba6b91547cfc61c68ae4bea6a069e65448bd0082ef2e2017cf0d3334687e7a1afea23

Score

10^/10

alienbot android banker evasion infostealer trojan

Malware Config

Extracted

Family

alienbot

C2

http://martiniidex.top

Targets

- Target
  
  8dddbe4079d5eb830bf11f4ddd35fc130f7afb976c02093b1dba02871f8a5de8
- Size
  
  2.0MB
- MD5
  
  76302ac72439a563aa09c2621f1c3504
- SHA1
  
  2441499e96481be6a206df7828435005abc9ccdf
- SHA256
  
  8dddbe4079d5eb830bf11f4ddd35fc130f7afb976c02093b1dba02871f8a5de8
- SHA512
  
  808c64b96b777188d7941b068af696a29652b82840a1a9c7a6bd1c38ef9ba6b91547cfc61c68ae4bea6a069e65448bd0082ef2e2017cf0d3334687e7a1afea23
Score

10^/10

alienbot banker evasion infostealer trojan
- Alienbot
  Alienbot is a fork of Cerberus banker first seen in January 2020.
  banker trojan infostealer alienbot
- Makes use of the framework's Accessibility service.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Removes a system notification.
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

alienbotbankerevasioninfostealertrojan

behavioral2

alienbotbankerinfostealertrojan

behavioral3

alienbotbankerinfostealertrojan