General

  • Target

    DBA7F022B4CCE63F1717F461AF490637F8F634F75B839EC318BB6866DAC94750.apk

  • Size

    2.0MB

  • Sample

    220603-g4yy3afdfl

  • MD5

    12258242e922d3d8ee08825f62caf147

  • SHA1

    d9cf92de75b867fbfb79f96d48a35ed760fe40e2

  • SHA256

    dba7f022b4cce63f1717f461af490637f8f634f75b839ec318bb6866dac94750

  • SHA512

    f9cc0733d1e23532ed0b691ba1be794af18d823a782b69a7be492df1eb5cd4512b8839fc13521352d4cb92b8e901d95fed58bf51965144628eaf6adba45b171b

Malware Config

Extracted

Family

alienbot

C2

http://ukalasey4.com

Targets

    • Target

      DBA7F022B4CCE63F1717F461AF490637F8F634F75B839EC318BB6866DAC94750.apk

    • Size

      2.0MB

    • MD5

      12258242e922d3d8ee08825f62caf147

    • SHA1

      d9cf92de75b867fbfb79f96d48a35ed760fe40e2

    • SHA256

      dba7f022b4cce63f1717f461af490637f8f634f75b839ec318bb6866dac94750

    • SHA512

      f9cc0733d1e23532ed0b691ba1be794af18d823a782b69a7be492df1eb5cd4512b8839fc13521352d4cb92b8e901d95fed58bf51965144628eaf6adba45b171b

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

MITRE ATT&CK Matrix

Tasks