Overview

overview

10

Static

static

7

5371595ED5...87.apk

android_x86

10

5371595ED5...87.apk

android_x64

10

5371595ED5...87.apk

android_x64

Analysis

  • max time kernel
    609455s
  • max time network
    150s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    02/06/2022, 11:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5371595ED50F24A8CFE88682BBB79D1308F60DF6DF24AA4CC090F51FBEAE6A87.apk

  • Size

    2.1MB

  • MD5

    613ab1c9bd30424321020428acdac01d

  • SHA1

    92ce9d6bfa56dc204602e45b0623d4fc7169a8b3

  • SHA256

    5371595ed50f24a8cfe88682bbb79d1308f60df6df24aa4cc090f51fbeae6a87

  • SHA512

    75e156ab05e27340fa2765308acd986e104b38893839f1c5a4d8bbd0c85f24fe2e8a905040160d0c862471a06b614bd1b5410c7400fd3fefc4874d67cccfb790

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://kurutses11.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • szlsdqkgyjb.hadrlsez.debhh
    1⤵
    • Loads dropped Dex/Jar
    PID:6028
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6160
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6520

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/szlsdqkgyjb.hadrlsez.debhh/app_DynamicOptDex/QxEll.json
        Filesize

        702KB

        MD5

        96623c59f5f95da813f916bf409fa969

        SHA1

        417cc151cd60642bf654a954b89ebf6368346b64

        SHA256

        b18b9d4833b909e1a73db71b9b464c3dc6ea66d72a52ac25fa56e9780529db12

        SHA512

        137a4a88c2d5f924f91c89e2d8aa1e366015817a9323973da712262f8366fde76bd4762c788e59b768374b75b24d4c8d8bf4b902924661d83b2b92b7b806fa6c

        Download Submit

      • /data/user/0/szlsdqkgyjb.hadrlsez.debhh/app_DynamicOptDex/QxEll.json
        Filesize

        702KB

        MD5

        7e27d8c945488b150d52f7cfef947670

        SHA1

        1581af5c6a013590a2fab7e486a83860e6516ddc

        SHA256

        11ba2b86af766581797b3b8673fc3f077ceaf162c7033baaa75f7be97a688875

        SHA512

        47df78ffbfe87ae10a602f7bd3ff985edd5d678e7dbf56b2978e3be5dbb2362572a45c4bdea204204c5ccc599c0b2d06ff33d7397e55edc499fd08c75c6b7128

        Download Submit

      • /data/user/0/szlsdqkgyjb.hadrlsez.debhh/app_DynamicOptDex/QxEll.json
        Filesize

        702KB

        MD5

        7e27d8c945488b150d52f7cfef947670

        SHA1

        1581af5c6a013590a2fab7e486a83860e6516ddc

        SHA256

        11ba2b86af766581797b3b8673fc3f077ceaf162c7033baaa75f7be97a688875

        SHA512

        47df78ffbfe87ae10a602f7bd3ff985edd5d678e7dbf56b2978e3be5dbb2362572a45c4bdea204204c5ccc599c0b2d06ff33d7397e55edc499fd08c75c6b7128

        Download Submit