Overview

overview

10

Static

static

7

BBF104DD9B...A2.apk

android_x86

10

BBF104DD9B...A2.apk

android_x64

10

BBF104DD9B...A2.apk

android_x64

10

Analysis

  • max time kernel
    607478s
  • max time network
    166s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220310-en
  • submitted
    02/06/2022, 11:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BBF104DD9BFEF77855EAF4F33E4C62C8CA7CF7D7B26C4C2745098A5E198DBAA2.apk

  • Size

    1.9MB

  • MD5

    53184189e7286f3f273938fe05d429c1

  • SHA1

    a2160cfd87827a1650077def9dadc5f3e5b8bb2c

  • SHA256

    bbf104dd9bfef77855eaf4f33e4c62c8ca7cf7d7b26c4c2745098a5e198dbaa2

  • SHA512

    c9240dc01df598b2ae78fd991f0b715ddb866bf79d5c1fcb908033e2d7ccaa12fc6933c519948b685657ed5f64b2e1e154b57c82e3dbd622f090594402dca98c

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://zesasar11.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • atncfdltwmhqcftnoglm.eefwtmeqytgycysisngrfzsqw.bqeymhocpptut
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:6196
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6282
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6380
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6436
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6481
            • getprop ro.miui.ui.version.name
              2⤵
                PID:6517
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:6564
                • getprop ro.miui.ui.version.name
                  2⤵
                    PID:6594

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/user/0/atncfdltwmhqcftnoglm.eefwtmeqytgycysisngrfzsqw.bqeymhocpptut/app_DynamicOptDex/KstoRXf.json
                  Filesize

                  666KB

                  MD5

                  1ce53fa73d6862065e039e8b51f89d02

                  SHA1

                  41c32366c5e697af632dd8617cc0ca14241cf774

                  SHA256

                  dfa6cbb4338229fbf5de0a6083c555b04e509477876c113e907ca0814e19531e

                  SHA512

                  014f63059a5a69f60d3220ef3b9156beee9190da128b110064fa3a553f3d1d3bfeef948795fda77a4994b14c85cefdd557504c156ef8e213aabda22d5c0ac057

                  Download Submit

                • /data/user/0/atncfdltwmhqcftnoglm.eefwtmeqytgycysisngrfzsqw.bqeymhocpptut/app_DynamicOptDex/KstoRXf.json
                  Filesize

                  666KB

                  MD5

                  a26eb7651d6f1891cb3bd9cbfb1cd52d

                  SHA1

                  12f21e7398fcc9e4b59f0859ceb9279688ef9962

                  SHA256

                  d8c42308826b566437df0c959c05630f2a113af23d28e35aeaa26eb6574ff2d7

                  SHA512

                  3947df5f6e91b68d3dd3c59742b61788f2472a601768f858f89e42fbf090a8bec7de54f0e553a0dd678f034605b2e436b9f0a0b410926a99aebc83d0094e8c7b

                  Download Submit

                • /data/user/0/atncfdltwmhqcftnoglm.eefwtmeqytgycysisngrfzsqw.bqeymhocpptut/app_DynamicOptDex/KstoRXf.json
                  Filesize

                  666KB

                  MD5

                  a26eb7651d6f1891cb3bd9cbfb1cd52d

                  SHA1

                  12f21e7398fcc9e4b59f0859ceb9279688ef9962

                  SHA256

                  d8c42308826b566437df0c959c05630f2a113af23d28e35aeaa26eb6574ff2d7

                  SHA512

                  3947df5f6e91b68d3dd3c59742b61788f2472a601768f858f89e42fbf090a8bec7de54f0e553a0dd678f034605b2e436b9f0a0b410926a99aebc83d0094e8c7b

                  Download Submit