Overview

overview

10

Static

static

7

4FD61DEADC...B1.apk

android_x86

10

4FD61DEADC...B1.apk

android_x64

10

4FD61DEADC...B1.apk

android_x64

Analysis

  • max time kernel
    609139s
  • max time network
    189s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    02/06/2022, 11:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4FD61DEADC84584EDCC74E460877946F76740015AA15A208A5466E31E8502DB1.apk

  • Size

    2.2MB

  • MD5

    8c254f45c9c31ae441691da4840d4677

  • SHA1

    6270a5b2286a21c1d4706594dfdecc31e6ac6520

  • SHA256

    4fd61deadc84584edcc74e460877946f76740015aa15a208a5466e31e8502db1

  • SHA512

    bf99bf6872821d5d161232a6a0b515d26f44b9d41dc0c5c2ccd338d4b3c95e38c6dff6151288d0e1c6f77066e226f8de7fb8688c27d6b949d6fc8dacbfeab6e3

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://kolombickmolonick.site

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • nxnlfydxznzcnnoi.rfslsde.obtjkugx
    1⤵
    • Loads dropped Dex/Jar
    PID:6273

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/nxnlfydxznzcnnoi.rfslsde.obtjkugx/app_DynamicOptDex/Ud.json
    Filesize

    689KB

    MD5

    fffd49ff241f0d3d04fea4457aed8baa

    SHA1

    28f765ef85f05587021ca1fe64adad0c8089aa44

    SHA256

    a99bf68645f8e3f88a3db9241721ff057cf78b209919086b58fecf53d07d9822

    SHA512

    31cd9fe404b0ab6808d6079eb3f3898ff9c176ba67690a308305054bd80ca0e6f926c4859e950e10ad83badaf73153e4d13ba9107c69164788f5d76d98f37282

    Download Submit

  • /data/user/0/nxnlfydxznzcnnoi.rfslsde.obtjkugx/app_DynamicOptDex/Ud.json
    Filesize

    689KB

    MD5

    a51e83e50e50915bc9289d798a065320

    SHA1

    75c9f2811f9c50d9b59a2a23273919137a83d74a

    SHA256

    81c4e6c64c2d745d848cb0d998e9078ffd2df71ef85ea7af6680b543fbe454ef

    SHA512

    d2a4c126b8003485cef64d3ec15e48ad1b5b0c2b5322dae09d2e0096f119470b8b25c0e2e9f33a75d9351666a610c68521510d99e7099e5fc31125dffa137944

    Download Submit

  • /data/user/0/nxnlfydxznzcnnoi.rfslsde.obtjkugx/app_DynamicOptDex/Ud.json
    Filesize

    689KB

    MD5

    a51e83e50e50915bc9289d798a065320

    SHA1

    75c9f2811f9c50d9b59a2a23273919137a83d74a

    SHA256

    81c4e6c64c2d745d848cb0d998e9078ffd2df71ef85ea7af6680b543fbe454ef

    SHA512

    d2a4c126b8003485cef64d3ec15e48ad1b5b0c2b5322dae09d2e0096f119470b8b25c0e2e9f33a75d9351666a610c68521510d99e7099e5fc31125dffa137944

    Download Submit