Overview

overview

10

Static

static

7

983CD93CEE...98.apk

android_x86

10

983CD93CEE...98.apk

android_x64

10

983CD93CEE...98.apk

android_x64

10

Analysis

  • max time kernel
    611481s
  • max time network
    161s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    02-06-2022 11:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    983CD93CEEC7451EED08DEA0C83B05E9665E8AE0C433B564EFCC55657EBC2598.apk

  • Size

    2.2MB

  • MD5

    95cfd5efd2526e4166849004b357effe

  • SHA1

    e57518888c1e20a71cfd9e3fb41f04dc6fd066b7

  • SHA256

    983cd93ceec7451eed08dea0c83b05e9665e8ae0c433b564efcc55657ebc2598

  • SHA512

    d5059df8b04d5b91c2afcddf92f531db82ee7bd65d73273ae6625252605589acd29ffc2b443fe9438e2b9d3ddeb1d63a3c27187f66383e1faf115ad90d0ed032

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://ukalasey2.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • ctsdijqewczjhww.gnsxtstbwrjbrxh.mkypmybqnlsidgxzunmwbekbm
    1⤵
    • Loads dropped Dex/Jar
    PID:6277
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6369

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • /data/user/0/ctsdijqewczjhww.gnsxtstbwrjbrxh.mkypmybqnlsidgxzunmwbekbm/app_DynamicOptDex/GXsTi.json
      Filesize

      767KB

      MD5

      2bc89aade90294152d7ea29e36ac48e9

      SHA1

      4d1e4ca7044e97798aa88eb6829e3664dc41628b

      SHA256

      34fe80e5af092d641e11e042f7aec42f9b68231959c113e28c801741c18ce211

      SHA512

      ad0a3b986677910e77e5466f8d5b4eb4255e5ec313283f3dadc22458382971f1416114df51d400a27ff8de0eb6c0a79977ccbe6b665c5fa8c71f7074336914ef

      Download Submit

    • /data/user/0/ctsdijqewczjhww.gnsxtstbwrjbrxh.mkypmybqnlsidgxzunmwbekbm/app_DynamicOptDex/GXsTi.json
      Filesize

      767KB

      MD5

      d4d6d0f4cbfe76d620ced317c2240137

      SHA1

      f62e5ac2e1f388b074907da335979acc4abb2919

      SHA256

      1e968ee9b7a194c662b4fab586c6ed7139101b742b22258b7580012a420483bc

      SHA512

      312c16a82c21d1d2a7e013352d4ffbc039de27f6b680898e2c72e8d9395d9e28a77006d678b99a99649a4abecf089dbb8be304accb9286f1830086b6b32cdbb6

      Download Submit

    • /data/user/0/ctsdijqewczjhww.gnsxtstbwrjbrxh.mkypmybqnlsidgxzunmwbekbm/app_DynamicOptDex/GXsTi.json
      Filesize

      767KB

      MD5

      d4d6d0f4cbfe76d620ced317c2240137

      SHA1

      f62e5ac2e1f388b074907da335979acc4abb2919

      SHA256

      1e968ee9b7a194c662b4fab586c6ed7139101b742b22258b7580012a420483bc

      SHA512

      312c16a82c21d1d2a7e013352d4ffbc039de27f6b680898e2c72e8d9395d9e28a77006d678b99a99649a4abecf089dbb8be304accb9286f1830086b6b32cdbb6

      Download Submit

    • /data/user/0/ctsdijqewczjhww.gnsxtstbwrjbrxh.mkypmybqnlsidgxzunmwbekbm/app_DynamicOptDex/oat/GXsTi.json.cur.prof
      MD5

      d41d8cd98f00b204e9800998ecf8427e

      SHA1

      da39a3ee5e6b4b0d3255bfef95601890afd80709

      SHA256

      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

      SHA512

      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

      Download Submit