General
Target: 1D4A6D3FC2183925DBD5CCF6B827728AFA377770D9924F2F25954029B811E00E.apk
Size: 2.0MB
Sample: 220603-g7q3mabeg7
MD5: 6c865514f5db0e6859f71d167f4e5422
SHA1: cbdf0be52ae272f57247887446ac4d33dd5bba45
SHA256: 1d4a6d3fc2183925dbd5ccf6b827728afa377770d9924f2f25954029b811e00e
SHA512: c820f407aa7eee0b6c5fcb76fe78759631546bcd004f2c24b86e0d633d2a213e42cf85a41a79c4b1c16febc8bb3c27dc42d2fa622985c79b668db87ce3af449c
Static task: static1
Behavioral task: behavioral1
Sample: 1D4A6D3FC2183925DBD5CCF6B827728AFA377770D9924F2F25954029B811E00E.apk
Resource: android-x86-arm-20220310-en
Behavioral task: behavioral2
Sample: 1D4A6D3FC2183925DBD5CCF6B827728AFA377770D9924F2F25954029B811E00E.apk
Resource: android-x64-20220310-en
Behavioral task: behavioral3
Sample: 1D4A6D3FC2183925DBD5CCF6B827728AFA377770D9924F2F25954029B811E00E.apk
Resource: android-x64-arm64-20220310-en
Malware Config
Extracted
alienbot
http://heriflicivir02.site
Targets
Target
1D4A6D3FC2183925DBD5CCF6B827728AFA377770D9924F2F25954029B811E00E.apk
Score: 10/10
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
Makes use of the framework's Accessibility service.
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
Removes a system notification.