General

  • Target

    45f5fa9427331e6a9d6ed2d8cdbaada5

  • Size

    1.8MB

  • Sample

    220603-gz8mpsbbf6

  • MD5

    45f5fa9427331e6a9d6ed2d8cdbaada5

  • SHA1

    d68855d2191094dc2ee86377de2c9eec444abfa1

  • SHA256

    d89e08db5af347be72f1307186638aaa062a8de45a808f57dce85bc83c94059e

  • SHA512

    c64934792301b6a7d5c3b8f5f4606b7e6c402b275ffd23ca1cab6a9f24630f5e282bbdd11f422d304ae86be030fa3303a5222a1380d13ccd1d80d4c0bcd05912

Malware Config

Extracted

Family

alienbot

C2

http://goldegrillz.top

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Acquires the wake lock.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.
