Overview

overview

10

Static

static

7

97C3CC1C42...E9.apk

android_x86

10

97C3CC1C42...E9.apk

android_x64

10

97C3CC1C42...E9.apk

android_x64

Analysis

  • max time kernel
    676180s
  • max time network
    156s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    03-06-2022 06:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    97C3CC1C42FB7427256C5D7938D3E8F21FD98CCE8D327ADF10244291D3C68EE9.apk

  • Size

    1.8MB

  • MD5

    c35aeeab03a3002deb83aa86ec863622

  • SHA1

    29ab2b28845cb48c55ecaeefcbdd42c1a0878e79

  • SHA256

    97c3cc1c42fb7427256c5d7938d3e8f21fd98cce8d327adf10244291d3c68ee9

  • SHA512

    f947a8c3fa068577162dcb85d0051cdeca4915e28197b2d91dd7c52e078ed43e1ec013554eab87cec588a1faf9c9fb2175ac792a6a664601e0ca614a438eb092

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://zeus45-3.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • wwbthkwyq.ubeefrquxp.aecrjqdaz
    1⤵
    • Loads dropped Dex/Jar
    PID:6277
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6387
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6495

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/wwbthkwyq.ubeefrquxp.aecrjqdaz/app_DynamicOptDex/GIQ.json
        Filesize

        630KB

        MD5

        bf4bbc648581b3799242cf186382777a

        SHA1

        d6587f4e863620edd7bb997bfc5ea616c9177e35

        SHA256

        892091b9491a52ba7d4c6c6fe6adb68e39e1e4fb48da689108bdb5353de22613

        SHA512

        6e51bc425e577ffaaa976f0cc3ef430244481200a37c6bca09fa7fb33e9802ed07a3d18ac49c50cfb033e19fd9d8668d32fccede3a3901e5fd32788f569b6929

        Download Submit

      • /data/user/0/wwbthkwyq.ubeefrquxp.aecrjqdaz/app_DynamicOptDex/GIQ.json
        Filesize

        630KB

        MD5

        9270824c8c898e998b3a7a21d9760bd1

        SHA1

        7b9e31c82a745f2cf55fad5edd69d1c73f69564e

        SHA256

        e7528f5c91259b0244e6585aa4f9dcdec2324ea99fdda45eeef72954d8b3bea6

        SHA512

        b5be04cde6e15aa4787bb822aa28dbc2ce68d021e81e387e4ff2700cb2f5b9399117728281de2ae9690011526f1dd19ab59fc4f58e29012d50d46c263c051ee9

        Download Submit

      • /data/user/0/wwbthkwyq.ubeefrquxp.aecrjqdaz/app_DynamicOptDex/GIQ.json
        Filesize

        630KB

        MD5

        9270824c8c898e998b3a7a21d9760bd1

        SHA1

        7b9e31c82a745f2cf55fad5edd69d1c73f69564e

        SHA256

        e7528f5c91259b0244e6585aa4f9dcdec2324ea99fdda45eeef72954d8b3bea6

        SHA512

        b5be04cde6e15aa4787bb822aa28dbc2ce68d021e81e387e4ff2700cb2f5b9399117728281de2ae9690011526f1dd19ab59fc4f58e29012d50d46c263c051ee9

        Download Submit