Overview

overview

10

Static

static

7

F4B2370E79...D5.apk

android_x86

10

F4B2370E79...D5.apk

android_x64

10

F4B2370E79...D5.apk

android_x64

Analysis

  • max time kernel
    677037s
  • max time network
    161s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    03/06/2022, 06:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    F4B2370E793CBC37ADD4081E1804C81CEB1EE9318D696BF32C7295585C8D86D5.apk

  • Size

    1.8MB

  • MD5

    e80a143554654a797bc631ba92e96f0a

  • SHA1

    655f83f51c484cf281a065232b1e9bbe121a727e

  • SHA256

    f4b2370e793cbc37add4081e1804c81ceb1ee9318d696bf32c7295585c8d86d5

  • SHA512

    5366fe997a515c4ef4cec730e040a81d5e4b3d053b72e6dd41f3ce208098a62128f03a253d70bb6a26ff1383fff58b2856d0d2d3dab8d01d7ef7e52e1c79510e

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://waluelines.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • xewyn.skpyszdykrgb.xnjjybdlhiedliaowwxayseikp
    1⤵
    • Loads dropped Dex/Jar
    PID:6271
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6376
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6469
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6513
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6562
            • getprop ro.miui.ui.version.name
              2⤵
                PID:6597
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:6647
                • getprop ro.miui.ui.version.name
                  2⤵
                    PID:6697

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/user/0/xewyn.skpyszdykrgb.xnjjybdlhiedliaowwxayseikp/app_DynamicOptDex/gCHIDS.json
                  Filesize

                  673KB

                  MD5

                  f39d769bced257716ecaa98ad9dcdaa7

                  SHA1

                  e989abc57d620c3721d9a2395a862ad09ac954a1

                  SHA256

                  3a5ae37908bdeec1df26fa5b08c6c29e8597e834c775cc11d179b35d1a5808eb

                  SHA512

                  0829a9fdd927df2db98936d43f9073ce3c09473068cc537e68aa897df9c4d666ffcdfdbafd92350fa4c3e33c3267296bca1673e4b23fdd8e5580dae069f42129

                  Download Submit

                • /data/user/0/xewyn.skpyszdykrgb.xnjjybdlhiedliaowwxayseikp/app_DynamicOptDex/gCHIDS.json
                  Filesize

                  673KB

                  MD5

                  1bf4c9dd19a8bb4d672a2ee181f250e4

                  SHA1

                  c524a2bb587c0268de8989bb0108d828b6ef757c

                  SHA256

                  cc65d0ed5974eef1fa96d54ca03316c347553ec3a4c6158bc35dce436ae4a240

                  SHA512

                  bc000a3069c2d722075b0823233f99aac58116f39ca5a126b4e1c27196fbc9f68104d02de0d7b71a0028c457d44d379bc64064d56a11f6ecc51b241bc601ce1a

                  Download Submit

                • /data/user/0/xewyn.skpyszdykrgb.xnjjybdlhiedliaowwxayseikp/app_DynamicOptDex/gCHIDS.json
                  Filesize

                  673KB

                  MD5

                  1bf4c9dd19a8bb4d672a2ee181f250e4

                  SHA1

                  c524a2bb587c0268de8989bb0108d828b6ef757c

                  SHA256

                  cc65d0ed5974eef1fa96d54ca03316c347553ec3a4c6158bc35dce436ae4a240

                  SHA512

                  bc000a3069c2d722075b0823233f99aac58116f39ca5a126b4e1c27196fbc9f68104d02de0d7b71a0028c457d44d379bc64064d56a11f6ecc51b241bc601ce1a

                  Download Submit