General

  • Target

    3EA328435AE3828967D6716963F8911C00DF7B5079BFBAD2A8F13EDF7F9ADE8F.apk

  • Size

    2.1MB

  • Sample

    220603-g68w2sfegn

  • MD5

    77a63aa3c70d1f8622532357a170c9e5

  • SHA1

    a6ee805d28909c31adc8293bb91e11c3ce074a32

  • SHA256

    3ea328435ae3828967d6716963f8911c00df7b5079bfbad2a8f13edf7f9ade8f

  • SHA512

    3d2f37accdfdbe9a5addc0c12eb804cc3e7378112f5fd5c27fafc039d487d3458ced50f9ba610a78f09fa11ceb9bb61dfeeb7767ce78ff2e7c60163d190ebded

Malware Config

Extracted

Family

alienbot

C2

http://cacecarsa.com

Targets

    • Target

      3EA328435AE3828967D6716963F8911C00DF7B5079BFBAD2A8F13EDF7F9ADE8F.apk

    • Size

      2.1MB

    • MD5

      77a63aa3c70d1f8622532357a170c9e5

    • SHA1

      a6ee805d28909c31adc8293bb91e11c3ce074a32

    • SHA256

      3ea328435ae3828967d6716963f8911c00df7b5079bfbad2a8f13edf7f9ade8f

    • SHA512

      3d2f37accdfdbe9a5addc0c12eb804cc3e7378112f5fd5c27fafc039d487d3458ced50f9ba610a78f09fa11ceb9bb61dfeeb7767ce78ff2e7c60163d190ebded

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

MITRE ATT&CK Matrix

Tasks