Overview

overview

10

Static

static

7

E481FFF62F...48.apk

android_x86

10

E481FFF62F...48.apk

android_x64

10

E481FFF62F...48.apk

android_x64

10

Analysis

  • max time kernel
    676197s
  • max time network
    165s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220310-en
  • submitted
    03/06/2022, 06:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    E481FFF62FF9C05D597339C9F977A88B0E87B55D002BC33ABDF7474C376F6B48.apk

  • Size

    1.6MB

  • MD5

    24e8cacc70061be05359834dc9dd72bd

  • SHA1

    3314f9e0abdba463ed26000fb6bba770d22eeecc

  • SHA256

    e481fff62ff9c05d597339c9f977a88b0e87b55d002bc33abdf7474c376f6b48

  • SHA512

    fcebfd001a05c1354d906addcd18e3b742187e7e994c7c73f5ce0842e05c3591027beeea3bb7df6508259e459b98db1cbce341c508897c75e9a33eed288fd919

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://kurutses7.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • diiffjtbwicehbaozrc.beuuclrgnhtoiudofpoqybn.xckamryferaijfnqwceaheahfu
    1⤵
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar
    PID:6904
    • getprop ro.miui.ui.version.name
      2⤵
        PID:7082
      • getprop ro.miui.ui.version.name
        2⤵
          PID:7126
        • getprop ro.miui.ui.version.name
          2⤵
            PID:7244
          • getprop ro.miui.ui.version.name
            2⤵
              PID:7284
            • getprop ro.miui.ui.version.name
              2⤵
                PID:7319
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:7351
                • getprop ro.miui.ui.version.name
                  2⤵
                    PID:7403

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/user/0/diiffjtbwicehbaozrc.beuuclrgnhtoiudofpoqybn.xckamryferaijfnqwceaheahfu/app_DynamicOptDex/nJqjWlR.json
                  Filesize

                  754KB

                  MD5

                  54b1e7acb98362f1553ad8694739b85a

                  SHA1

                  9bb434e8ede626c83854f358d3c796f3f5932bef

                  SHA256

                  d475991f41ca7783c7e2f3c86549cfc6845c02d92cfa7799929a8013526e858b

                  SHA512

                  e1c0adc61bd2f90739803fcd685f638075ce74c221f6366a435598cf999560af3b10f1d0ed61d5737f55eeed4860f363c4fc905dedf3898d9ec678385c818ac4

                  Download Submit

                • /data/user/0/diiffjtbwicehbaozrc.beuuclrgnhtoiudofpoqybn.xckamryferaijfnqwceaheahfu/app_DynamicOptDex/nJqjWlR.json
                  Filesize

                  754KB

                  MD5

                  3984eda5c2c1fa5e81bc84e31bd05797

                  SHA1

                  f7bf2c1db23458079103b27f7b5c446d786fba1d

                  SHA256

                  1fd89adf90734849a31e23c3f85ddaa544ad5a1429f8312e2b1228aba900d690

                  SHA512

                  b73fb779dd9bf793413069ae469d62d1e28ca797372ebea91686e8c37f906f93d22aff969cc9e148f041d254b97770742528f76e10173dac35fff1b0ca5e32ad

                  Download Submit

                • /data/user/0/diiffjtbwicehbaozrc.beuuclrgnhtoiudofpoqybn.xckamryferaijfnqwceaheahfu/app_DynamicOptDex/nJqjWlR.json
                  Filesize

                  754KB

                  MD5

                  3984eda5c2c1fa5e81bc84e31bd05797

                  SHA1

                  f7bf2c1db23458079103b27f7b5c446d786fba1d

                  SHA256

                  1fd89adf90734849a31e23c3f85ddaa544ad5a1429f8312e2b1228aba900d690

                  SHA512

                  b73fb779dd9bf793413069ae469d62d1e28ca797372ebea91686e8c37f906f93d22aff969cc9e148f041d254b97770742528f76e10173dac35fff1b0ca5e32ad

                  Download Submit