Overview

overview

10

Static

static

7

1C8E57FEC1...96.apk

android_x86

10

1C8E57FEC1...96.apk

android_x64

10

1C8E57FEC1...96.apk

android_x64

Analysis

  • max time kernel
    680023s
  • max time network
    167s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    03/06/2022, 06:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1C8E57FEC1FCDA155912DCAB99E33E0B0BD7FC7A582543BDDF77C57E5DB3BC96.apk

  • Size

    2.5MB

  • MD5

    e0a9474a9398bd8bf0129eb063979099

  • SHA1

    03901f3a238e40c43f5d0d68ab0dc92d2e8f63ad

  • SHA256

    1c8e57fec1fcda155912dcab99e33e0b0bd7fc7a582543bddf77c57e5db3bc96

  • SHA512

    53754d4ce5fe8d15a20575f8cf96370727de5127b3bb561e5aaf05956ef216a6c70fa15ce7c59e3d3cf773b3286eb85665fbf98f8950a341d27273a382307784

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://perohi21.xyz

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • pkquuhla.cnwfsecopyezly.bwgckasbsenxfarex
    1⤵
    • Loads dropped Dex/Jar
    PID:6338
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6430
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6537

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/pkquuhla.cnwfsecopyezly.bwgckasbsenxfarex/app_DynamicOptDex/UmuFFP.json
        Filesize

        696KB

        MD5

        eb09e2b0d70b91fa126b94c28b45a29a

        SHA1

        bfe56c2465365a2c789b96ebf8670377571791df

        SHA256

        ffcf7b638c8ba81eb11aa3fd71391704b9ff4d4d24a43eca8a00f3032aca41bb

        SHA512

        6890aa0fff9ca17ffaeb4f6d0f9bffbcd6003f79cfd03e4234ce11a66b3394f8eb9a3a305d61c35b120ddc8b476359046dba1feb9e26fa07d71e4dbd4d6e8f26

        Download Submit

      • /data/user/0/pkquuhla.cnwfsecopyezly.bwgckasbsenxfarex/app_DynamicOptDex/UmuFFP.json
        Filesize

        696KB

        MD5

        dd6e772c89c17ea3a4a879450bee1c69

        SHA1

        b0376104640d469c94bbbd8acb7d926154b891e3

        SHA256

        d4e16b92e28bc7c45b3a1a0ebc72158ea24c0711d27648dba2c1f4bd6b42c6b2

        SHA512

        9ab8ff81fab53cb6ce3bfbd85c11d3f0cc92f8dc2a1af5db0f159cf48933a14a8acf99f6da30908e6b0a6b6ecfa87a02aeb8c0b233d03f0bc62d6c7b1941d1ea

        Download Submit

      • /data/user/0/pkquuhla.cnwfsecopyezly.bwgckasbsenxfarex/app_DynamicOptDex/UmuFFP.json
        Filesize

        696KB

        MD5

        dd6e772c89c17ea3a4a879450bee1c69

        SHA1

        b0376104640d469c94bbbd8acb7d926154b891e3

        SHA256

        d4e16b92e28bc7c45b3a1a0ebc72158ea24c0711d27648dba2c1f4bd6b42c6b2

        SHA512

        9ab8ff81fab53cb6ce3bfbd85c11d3f0cc92f8dc2a1af5db0f159cf48933a14a8acf99f6da30908e6b0a6b6ecfa87a02aeb8c0b233d03f0bc62d6c7b1941d1ea

        Download Submit