General

  • Target

    CC2F8E85E7045473B9C5EF20EF38357C48493F0695A5144CED49D6B221F47557.apk

  • Size

    2.1MB

  • Sample

    220603-g9qjwaffhk

  • MD5

    c9c42e9ef1523105e43c87f05737a503

  • SHA1

    1b64cc4fd0f1c31e72c3c51b81aa65780341bf03

  • SHA256

    cc2f8e85e7045473b9c5ef20ef38357c48493f0695a5144ced49d6b221f47557

  • SHA512

    e8e33b2eaac0dc937ae03bed168cf02c7248b3075358239abe6567aa54110a95442437aa453c95e14f4a579c8c97789ed8fc9e7561a30a48b7c21bb94247f0df

Malware Config

Extracted

Family

alienbot

C2

http://iphone11acces.com

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
