General

  • Target

    97C3CC1C42FB7427256C5D7938D3E8F21FD98CCE8D327ADF10244291D3C68EE9.apk

  • Size

    1.8MB

  • Sample

    220603-g5ftwafdhm

  • MD5

    c35aeeab03a3002deb83aa86ec863622

  • SHA1

    29ab2b28845cb48c55ecaeefcbdd42c1a0878e79

  • SHA256

    97c3cc1c42fb7427256c5d7938d3e8f21fd98cce8d327adf10244291d3c68ee9

  • SHA512

    f947a8c3fa068577162dcb85d0051cdeca4915e28197b2d91dd7c52e078ed43e1ec013554eab87cec588a1faf9c9fb2175ac792a6a664601e0ca614a438eb092

Malware Config

Extracted

Family

alienbot

C2

http://zeus45-3.com

Targets

    • Target

      97C3CC1C42FB7427256C5D7938D3E8F21FD98CCE8D327ADF10244291D3C68EE9.apk

    • Size

      1.8MB

    • MD5

      c35aeeab03a3002deb83aa86ec863622

    • SHA1

      29ab2b28845cb48c55ecaeefcbdd42c1a0878e79

    • SHA256

      97c3cc1c42fb7427256c5d7938d3e8f21fd98cce8d327adf10244291d3c68ee9

    • SHA512

      f947a8c3fa068577162dcb85d0051cdeca4915e28197b2d91dd7c52e078ed43e1ec013554eab87cec588a1faf9c9fb2175ac792a6a664601e0ca614a438eb092

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

MITRE ATT&CK Matrix

Tasks