General
-
Target
72B51898101BF056AE7249FF1E4A132AAFB278038042955462205F014B4EE284.apk
-
Size
1.8MB
-
Sample
220602-nhyvhaffc2
-
MD5
4eef0535ceddc82a99da8f0af9fce315
-
SHA1
286e6a7055bf7dc8ece72af2912cde9ee5de6d72
-
SHA256
72b51898101bf056ae7249ff1e4a132aafb278038042955462205f014b4ee284
-
SHA512
d116d6b42e3d8089cf425036f8ba6571804a96fe83d32af7445893c73c5b48ac0e330f8e4fd7d55810b6b7097a9b80d48555d18d99ee05b01f1f817f8615e740
Malware Config
Extracted
alienbot
http://aykutugottenelmasisikten5.com
Targets
-
-
Target
72B51898101BF056AE7249FF1E4A132AAFB278038042955462205F014B4EE284.apk
-
Size
1.8MB
-
MD5
4eef0535ceddc82a99da8f0af9fce315
-
SHA1
286e6a7055bf7dc8ece72af2912cde9ee5de6d72
-
SHA256
72b51898101bf056ae7249ff1e4a132aafb278038042955462205f014b4ee284
-
SHA512
d116d6b42e3d8089cf425036f8ba6571804a96fe83d32af7445893c73c5b48ac0e330f8e4fd7d55810b6b7097a9b80d48555d18d99ee05b01f1f817f8615e740
Score10/10-
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
-
Makes use of the framework's Accessibility service.
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Removes a system notification.
-