General

  • Target

    08DEEA11804AB237A1A9D5D553F46766F9D329B36E1A8B58F0F0F5271BF17CE5.apk

  • Size

    2.4MB

  • Sample

    220603-g9esdabfg8

  • MD5

    aba48f81f63467dacec07847ad3f23ff

  • SHA1

    260b7be6e642a09ca3a099e666e01610ec78023a

  • SHA256

    08deea11804ab237a1a9d5d553f46766f9d329b36e1a8b58f0f0f5271bf17ce5

  • SHA512

    1d37716e0b533b60a403fe602b1e530460e5be606dc51a848fdf77ea8c00160dc8951fe00377e301124e33655d24017995299541fc646230ffbeb6f720219e3b

Malware Config

Extracted

Family

alienbot

C2

http://kulakligimbozuldulan.xyz

Targets

    • Target

      08DEEA11804AB237A1A9D5D553F46766F9D329B36E1A8B58F0F0F5271BF17CE5.apk

    • Size

      2.4MB

    • MD5

      aba48f81f63467dacec07847ad3f23ff

    • SHA1

      260b7be6e642a09ca3a099e666e01610ec78023a

    • SHA256

      08deea11804ab237a1a9d5d553f46766f9d329b36e1a8b58f0f0f5271bf17ce5

    • SHA512

      1d37716e0b533b60a403fe602b1e530460e5be606dc51a848fdf77ea8c00160dc8951fe00377e301124e33655d24017995299541fc646230ffbeb6f720219e3b

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

MITRE ATT&CK Matrix

Tasks