General
-
Target
9ECFDB3F359362D2BC6D8A4FCC9B05E57E085D0828853DBDFF80C8AF3EC3DDA6.apk
-
Size
1.7MB
-
Sample
220602-nd61babagn
-
MD5
32d7d89f341e89b7bb59834656f9e4c9
-
SHA1
c51529dacc5ae25f26dfa84d0fff08a3f5482aa7
-
SHA256
9ecfdb3f359362d2bc6d8a4fcc9b05e57e085d0828853dbdff80c8af3ec3dda6
-
SHA512
9f84c6f11ca0e0677c41eb2a823dcbfb6a816076720d7ae614a21308f2835c7d7a8e389bdf95614acf6569f0646ef8877915711dbaa3769492ad186ec993b5eb
Malware Config
Extracted
alienbot
http://cacecarsa3.com
Targets
-
-
Target
9ECFDB3F359362D2BC6D8A4FCC9B05E57E085D0828853DBDFF80C8AF3EC3DDA6.apk
-
Size
1.7MB
-
MD5
32d7d89f341e89b7bb59834656f9e4c9
-
SHA1
c51529dacc5ae25f26dfa84d0fff08a3f5482aa7
-
SHA256
9ecfdb3f359362d2bc6d8a4fcc9b05e57e085d0828853dbdff80c8af3ec3dda6
-
SHA512
9f84c6f11ca0e0677c41eb2a823dcbfb6a816076720d7ae614a21308f2835c7d7a8e389bdf95614acf6569f0646ef8877915711dbaa3769492ad186ec993b5eb
Score10/10-
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
-
Makes use of the framework's Accessibility service.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Removes a system notification.
-