Overview

overview

10

Static

static

7

CC2F8E85E7...57.apk

android_x86

10

CC2F8E85E7...57.apk

android_x64

10

CC2F8E85E7...57.apk

android_x64

Analysis

  • max time kernel
    677410s
  • max time network
    170s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    03-06-2022 06:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CC2F8E85E7045473B9C5EF20EF38357C48493F0695A5144CED49D6B221F47557.apk

  • Size

    2.1MB

  • MD5

    c9c42e9ef1523105e43c87f05737a503

  • SHA1

    1b64cc4fd0f1c31e72c3c51b81aa65780341bf03

  • SHA256

    cc2f8e85e7045473b9c5ef20ef38357c48493f0695a5144ced49d6b221f47557

  • SHA512

    e8e33b2eaac0dc937ae03bed168cf02c7248b3075358239abe6567aa54110a95442437aa453c95e14f4a579c8c97789ed8fc9e7561a30a48b7c21bb94247f0df

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://iphone11acces.com

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • til.dyuoifkolswkxunrhy.brzo
    1⤵
    • Loads dropped Dex/Jar
    PID:6168
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6281
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6437

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/til.dyuoifkolswkxunrhy.brzo/app_DynamicOptDex/FKNBjoP.json
        Filesize

        746KB

        MD5

        787eaecb09dc0adb55f4247999448412

        SHA1

        2c9af00da826edc7c7f27d1fc05f303f79fb435a

        SHA256

        2e615d3e75f5f3b54c283c7d36200c31f301d986b397a43f8c16b516636fdbe0

        SHA512

        aa44ab83f919ffa9c6143fed925efcab79b62782014635e887c9b0257d1704115e40b36c6caa95a8108ac9ca835de46ee812255d388415f71e45b49d5cda7867

        Download Submit

      • /data/user/0/til.dyuoifkolswkxunrhy.brzo/app_DynamicOptDex/FKNBjoP.json
        Filesize

        746KB

        MD5

        bee502157b314f8ef002762fe8fc18a8

        SHA1

        257d8e042014a6b2473bc5b206ff18e4d6ef579b

        SHA256

        72f97ddba9280f294767d26b5b81802731a58d86c087b61ad0667953c7690473

        SHA512

        0391293ef1a2c1306390b05438c791c977e4f5e1b9df2030e845e8f68ec0acd5635c4986ae60d28854ed290685156e9fc37903d81f5b2c04af25fb7bdaf789b9

        Download Submit

      • /data/user/0/til.dyuoifkolswkxunrhy.brzo/app_DynamicOptDex/FKNBjoP.json
        Filesize

        746KB

        MD5

        bee502157b314f8ef002762fe8fc18a8

        SHA1

        257d8e042014a6b2473bc5b206ff18e4d6ef579b

        SHA256

        72f97ddba9280f294767d26b5b81802731a58d86c087b61ad0667953c7690473

        SHA512

        0391293ef1a2c1306390b05438c791c977e4f5e1b9df2030e845e8f68ec0acd5635c4986ae60d28854ed290685156e9fc37903d81f5b2c04af25fb7bdaf789b9

        Download Submit

      • /data/user/0/til.dyuoifkolswkxunrhy.brzo/app_DynamicOptDex/oat/FKNBjoP.json.cur.prof
        MD5

        d41d8cd98f00b204e9800998ecf8427e

        SHA1

        da39a3ee5e6b4b0d3255bfef95601890afd80709

        SHA256

        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

        SHA512

        cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

        Download Submit