Overview

overview

10

Static

static

7

8dddbe4079...e8.apk

android_x86

10

8dddbe4079...e8.apk

android_x64

10

8dddbe4079...e8.apk

android_x64

10

Analysis

  • max time kernel
    4177712s
  • max time network
    171s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    25-05-2022 02:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8dddbe4079d5eb830bf11f4ddd35fc130f7afb976c02093b1dba02871f8a5de8.apk

  • Size

    2.0MB

  • MD5

    76302ac72439a563aa09c2621f1c3504

  • SHA1

    2441499e96481be6a206df7828435005abc9ccdf

  • SHA256

    8dddbe4079d5eb830bf11f4ddd35fc130f7afb976c02093b1dba02871f8a5de8

  • SHA512

    808c64b96b777188d7941b068af696a29652b82840a1a9c7a6bd1c38ef9ba6b91547cfc61c68ae4bea6a069e65448bd0082ef2e2017cf0d3334687e7a1afea23

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://martiniidex.top

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • qtcoclfipoejgolfcxpo.kggkofnkwk.nciscxtgdkfedbqtilhtbc
    1⤵
    • Loads dropped Dex/Jar
    PID:6183
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6279
      • getprop ro.miui.ui.version.name
        2⤵
          PID:7186
        • getprop ro.miui.ui.version.name
          2⤵
            PID:7241
          • getprop ro.miui.ui.version.name
            2⤵
              PID:7278

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • /data/user/0/qtcoclfipoejgolfcxpo.kggkofnkwk.nciscxtgdkfedbqtilhtbc/app_DynamicOptDex/WMcG.json
            Filesize

            721KB

            MD5

            603844cf7192aada011bd31063e38697

            SHA1

            abe512742f47b9246b8933ddccafaca4d3c61961

            SHA256

            0c5a8f6ba0d4b581d2d61f49caf27b5967e95e2dec9b55e094d47f9acf96c141

            SHA512

            2507bf7fe0a06bad6af55a0e7655e7d16bed0ae3a6a0acb9184542e38d6d9fd0a9a5f57ffb8f2083612fa5ff1cef4e5646a08e8b36159397362f27fc3873f374

            Download Submit

          • /data/user/0/qtcoclfipoejgolfcxpo.kggkofnkwk.nciscxtgdkfedbqtilhtbc/app_DynamicOptDex/WMcG.json
            Filesize

            721KB

            MD5

            f590d53dd3a60c90e9578500afdbbc70

            SHA1

            260d392927a049734a7598d85ec50f4530e99b5a

            SHA256

            e95dae90c0c77f65c99d3c9b7d5d7f3c3fea50c681c999e933c1332b74217022

            SHA512

            ccc396dc35e863d6fccd6254477a813a0fddc69676d3542572c3533162afda8bc348b30baa460f38c0c68d25a1980867f02d90882b0981b1fb515037c7df2633

            Download Submit

          • /data/user/0/qtcoclfipoejgolfcxpo.kggkofnkwk.nciscxtgdkfedbqtilhtbc/app_DynamicOptDex/WMcG.json
            Filesize

            721KB

            MD5

            f590d53dd3a60c90e9578500afdbbc70

            SHA1

            260d392927a049734a7598d85ec50f4530e99b5a

            SHA256

            e95dae90c0c77f65c99d3c9b7d5d7f3c3fea50c681c999e933c1332b74217022

            SHA512

            ccc396dc35e863d6fccd6254477a813a0fddc69676d3542572c3533162afda8bc348b30baa460f38c0c68d25a1980867f02d90882b0981b1fb515037c7df2633

            Download Submit