Overview

overview

10

Static

static

7

AF4BE859F9...F6.apk

android_x86

10

AF4BE859F9...F6.apk

android_x64

10

AF4BE859F9...F6.apk

android_x64

Analysis

  • max time kernel
    680136s
  • max time network
    155s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    03/06/2022, 06:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AF4BE859F940C75BDA872242AB47A0D725274002D8A2F0F5C3575512180519F6.apk

  • Size

    2.1MB

  • MD5

    b144ce370f3442838357a36bec154877

  • SHA1

    88cca5b0b6ca6ef5bd0569f5ded4236cf40021b5

  • SHA256

    af4be859f940c75bda872242ab47a0d725274002d8a2f0f5c3575512180519f6

  • SHA512

    42c43f3d8dc5a734550835e7da2fff32bfff4f426bfd81f7d9767c081948f1f8c82c29ea5366c29c511f4864ce177393cf234e827464463c52d6ade33f0a02ee

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://akarbvc11.site

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • blxgufiygbamtkxuegercndzfp.dwwgytojgywbnxgmlanjuzkkr.qwctelpoyubhy
    1⤵
    • Loads dropped Dex/Jar
    PID:6305
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6403
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6493

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • /data/user/0/blxgufiygbamtkxuegercndzfp.dwwgytojgywbnxgmlanjuzkkr.qwctelpoyubhy/app_DynamicOptDex/Rw.json
        Filesize

        686KB

        MD5

        1afe2041ce9ad87b989d720be9ede429

        SHA1

        edfa6233e1df508c1a111d8d01acfdaf1c6038a9

        SHA256

        5f8c9d14139f20bf2df0a301de99b6f1c289b64fc378e76c6868cc358469f9a9

        SHA512

        17a60781488e2d38c4c48e5d0a05f9bad2e13d1561398e4f666ab7f316128164b21269a9d2e5f06c35d040b1f0508adb4e6d1a140d445ce60eb6308e09c84db6

        Download Submit

      • /data/user/0/blxgufiygbamtkxuegercndzfp.dwwgytojgywbnxgmlanjuzkkr.qwctelpoyubhy/app_DynamicOptDex/Rw.json
        Filesize

        686KB

        MD5

        f63eb0012aa97c7f458fd52305314a62

        SHA1

        83bac65c1aa5048988b630be42703751e7f1a8b5

        SHA256

        9c44aa2dbdb612005a36aac85454aa2882efaf9c0127b26458dda850b56c3c61

        SHA512

        e3a3fecdf8d7f8c4edc1b1c67c9dd5788a139aac5c1c9307f36898d37b300eb4c3f309e861c695c89fee7c6c043af73b38c28490946890259e91fd811536c047

        Download Submit

      • /data/user/0/blxgufiygbamtkxuegercndzfp.dwwgytojgywbnxgmlanjuzkkr.qwctelpoyubhy/app_DynamicOptDex/Rw.json
        Filesize

        686KB

        MD5

        f63eb0012aa97c7f458fd52305314a62

        SHA1

        83bac65c1aa5048988b630be42703751e7f1a8b5

        SHA256

        9c44aa2dbdb612005a36aac85454aa2882efaf9c0127b26458dda850b56c3c61

        SHA512

        e3a3fecdf8d7f8c4edc1b1c67c9dd5788a139aac5c1c9307f36898d37b300eb4c3f309e861c695c89fee7c6c043af73b38c28490946890259e91fd811536c047

        Download Submit