General

  • Target

    7DE0AF643B9888E7F2F9009B1D40D9B8BB445B343DB5D30C608C0DEC3B25311E.apk

  • Size

    2.1MB

  • Sample

    220603-g7w9msbeh6

  • MD5

    8d87534c81183f667ebae7692fe1f6f2

  • SHA1

    d9c1722b76094fbf0b7d2b0cdedc48e21e0e23c8

  • SHA256

    7de0af643b9888e7f2f9009b1d40d9b8bb445b343db5d30c608c0dec3b25311e

  • SHA512

    09929777ea6cc452eaf35a937f9f92efd83d4d7c9f706ee67587e0193a531a882870bc6b91b5c7498e8e15ec07eb832c5881fff7bdc53273fe1054441a94cb10

Malware Config

Extracted

Family

alienbot

C2

http://ukalasey.com

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
