General

  • Target

    0f3c4594f761570c38484ac37c0ec52f.apk

  • Size

    1.2MB

  • Sample

    220602-m7deesfdb6

  • MD5

    0f3c4594f761570c38484ac37c0ec52f

  • SHA1

    78f85545e92515f3b016d28df7d39828259056f0

  • SHA256

    64f9d97353ef326a58622f329097a282a5a09e0ab636136fb9cb3ab716f5664d

  • SHA512

    344acff9322a72279bb1183378feea438575cc440fc6063dde61e27dcd7fbd92ae9a76b342035e86c384350f64cdea6a33560e419e6a955d4fc51794c54d0006

Malware Config

Extracted

  • Family

    alienbot

  • C2

    http://fxancc4fp4.site

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
