General
-
Target
19F0F083EE2665DBD3875409CA1CF655C1E9B8B848F99414C792C51DC0EB9706.apk
-
Size
1.9MB
-
Sample
220603-g8ar2abfb2
-
MD5
7b5b4d38e103c1ad103717be1383f639
-
SHA1
777800a91615f79b0fffd6039f4d7a58ada94bd8
-
SHA256
19f0f083ee2665dbd3875409ca1cf655c1e9b8b848f99414c792c51dc0eb9706
-
SHA512
fdfc3192e9cf68170b35df78bd2f0308579458de7f149472b1762d07ce682ed88a832d196800585a9911ac8ec3a600cd06bed6789cd30e7304c864411d10ba73
Static task
static1
Behavioral task
behavioral1
Sample
19F0F083EE2665DBD3875409CA1CF655C1E9B8B848F99414C792C51DC0EB9706.apk
Resource
android-x86-arm-20220310-en
Behavioral task
behavioral2
Sample
19F0F083EE2665DBD3875409CA1CF655C1E9B8B848F99414C792C51DC0EB9706.apk
Resource
android-x64-20220310-en
Behavioral task
behavioral3
Sample
19F0F083EE2665DBD3875409CA1CF655C1E9B8B848F99414C792C51DC0EB9706.apk
Resource
android-x64-arm64-20220310-en
Malware Config
Extracted
alienbot
http://piranno12.site
Targets
-
-
Target
19F0F083EE2665DBD3875409CA1CF655C1E9B8B848F99414C792C51DC0EB9706.apk
-
Size
1.9MB
-
MD5
7b5b4d38e103c1ad103717be1383f639
-
SHA1
777800a91615f79b0fffd6039f4d7a58ada94bd8
-
SHA256
19f0f083ee2665dbd3875409ca1cf655c1e9b8b848f99414c792c51dc0eb9706
-
SHA512
fdfc3192e9cf68170b35df78bd2f0308579458de7f149472b1762d07ce682ed88a832d196800585a9911ac8ec3a600cd06bed6789cd30e7304c864411d10ba73
Score10/10-
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
-
Makes use of the framework's Accessibility service.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Removes a system notification.
-