General
-
Target
EE76E1B353E42A7946E2C7A904F4207D747FBEA017C3B74B5F865D3727C045F3.apk
-
Size
2.0MB
-
Sample
220603-g8k8rsbfc9
-
MD5
f5600bbe7922116282c866d8347695e3
-
SHA1
07fe3b341709f86a235e3d6fcf3661e1cc96d3e7
-
SHA256
ee76e1b353e42a7946e2c7a904f4207d747fbea017c3b74b5f865d3727c045f3
-
SHA512
4c6bd04622f7134371036ed851c8b85673823e79ed95e0a20d75f395a37d5ed7672e621ba821f7db3adb807db8d48ed676f5f2275596b0b33577909db665e3af
Static task
static1
Behavioral task
behavioral1
Sample
EE76E1B353E42A7946E2C7A904F4207D747FBEA017C3B74B5F865D3727C045F3.apk
Resource
android-x86-arm-20220310-en
Behavioral task
behavioral2
Sample
EE76E1B353E42A7946E2C7A904F4207D747FBEA017C3B74B5F865D3727C045F3.apk
Resource
android-x64-20220310-en
Behavioral task
behavioral3
Sample
EE76E1B353E42A7946E2C7A904F4207D747FBEA017C3B74B5F865D3727C045F3.apk
Resource
android-x64-arm64-20220310-en
Malware Config
Extracted
alienbot
http://yirtarimmincoyu.site
Targets
Target
EE76E1B353E42A7946E2C7A904F4207D747FBEA017C3B74B5F865D3727C045F3.apk
-
Score
10/10
-
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
-
Makes use of the framework's Accessibility service.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Removes a system notification.
-