Overview

overview

10

Static

static

7

35BC5FB59D...B7.apk

android_x86

10

35BC5FB59D...B7.apk

android_x64

10

35BC5FB59D...B7.apk

android_x64

Analysis

  • max time kernel
    676678s
  • max time network
    161s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    03-06-2022 06:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    35BC5FB59D33E48CC86B9DF91AD92D7BD826E7CBFAEB65CEB901318B0652CEB7.apk

  • Size

    1.8MB

  • MD5

    b1bd9844707d455e9e2710aacfc30b68

  • SHA1

    215f3e25bb47c47f55bea88adf51e77f97ad6295

  • SHA256

    35bc5fb59d33e48cc86b9df91ad92d7bd826e7cbfaeb65ceb901318b0652ceb7

  • SHA512

    0b172b2acfab85a968a83a09ad45046e1831e96196ffb66f32f49bbfeb9f64c0dbd5ef13efefe2453fbbe9ad9b4bff6100b38b3987de7b282feacfb4dfdadf97

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://konusuyonyapraam.cyou

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • wizoejwr.bbxjeugyx.izjmksif
    1⤵
    • Loads dropped Dex/Jar
    PID:6286
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6373
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6464

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/wizoejwr.bbxjeugyx.izjmksif/app_DynamicOptDex/EXDbJ.json
        Filesize

        728KB

        MD5

        767867387b8491f8fdd2ee21944d57ac

        SHA1

        33836774734c6b9e096bb1e9613c718440fffd95

        SHA256

        bf25e086a66e00fd017ca7d7a28a7d877b91f0c66a9662745df5a83e8c718c25

        SHA512

        6046fea407ffff3fe2b9f504ffc505ea5b91be91d8cf6d8f133a6e5a7366dddc633e4f18a7cdeebcb5997f6d0af8d80aa2c01531c2e6b804244367ea86808c40

        Download Submit

      • /data/user/0/wizoejwr.bbxjeugyx.izjmksif/app_DynamicOptDex/EXDbJ.json
        Filesize

        728KB

        MD5

        657b6faea43f6b7842eb496a0a8f78e5

        SHA1

        b7e35c8024136114d84d48e20b6f98298fb20418

        SHA256

        b197c2a988d33367a894747f9c0b00e8d101b1cfaef8367431ad915a84f97e80

        SHA512

        2396d2e6af19460c90a7f2497d3255e424a9a166c4a051acf7328607174e445675ba732d210e9ca397d9246a35b18a8f29184810f94e07fca457d43f9e1dc82f

        Download Submit

      • /data/user/0/wizoejwr.bbxjeugyx.izjmksif/app_DynamicOptDex/EXDbJ.json
        Filesize

        728KB

        MD5

        657b6faea43f6b7842eb496a0a8f78e5

        SHA1

        b7e35c8024136114d84d48e20b6f98298fb20418

        SHA256

        b197c2a988d33367a894747f9c0b00e8d101b1cfaef8367431ad915a84f97e80

        SHA512

        2396d2e6af19460c90a7f2497d3255e424a9a166c4a051acf7328607174e445675ba732d210e9ca397d9246a35b18a8f29184810f94e07fca457d43f9e1dc82f

        Download Submit

      • /data/user/0/wizoejwr.bbxjeugyx.izjmksif/app_DynamicOptDex/oat/EXDbJ.json.cur.prof
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit