General

  • Target

    50B8BE5CBAEE084B3572C875E5EAD57CA349F97FF24620A2BCC65C1FE2E9A75F.apk

  • Size

    2.5MB

  • Sample

    220603-g8e2rabfb9

  • MD5

    c955c20827322e2d024a5999d4efb2a0

  • SHA1

    35958f3865d4969916db7faceb8671957157ff69

  • SHA256

    50b8be5cbaee084b3572c875e5ead57ca349f97ff24620a2bcc65c1fe2e9a75f

  • SHA512

    341f2418b8505edc13181ac241cfb424490914c019e8c5a87ebdc2179b5eebeee7221e7e2f86b9985c866524ec04f73e6e827073db441bf9706fafc8e2fb4dc1

Malware Config

Extracted

  • Family

    alienbot

  • C2

    http://dhqertldx.tk

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.
