General

  • Target

    68807B45C752F41989F19651AD1A5E55ADDD57C8420DF5C39D2B59A577123A65.apk

  • Size

    1.8MB

  • Sample

    220603-hdmzjscab2

  • MD5

    0540a0998b2c3f0395b192a42a1cbc7e

  • SHA1

    4c9ff01441aace76582d355acb6b219762c2bab3

  • SHA256

    68807b45c752f41989f19651ad1a5e55addd57c8420df5c39d2b59a577123a65

  • SHA512

    f048a77ed41465cf65c8345e6a66a78503ce0ffb0cda13d0a90658ecb8461179f37c19fb352e3ac2d5b015704210f0b10576847d8ce3f632f551bc22956c5893

Malware Config

Extracted

Family

alienbot

C2

http://cacecarsa5.com

Targets

    • Target

      68807B45C752F41989F19651AD1A5E55ADDD57C8420DF5C39D2B59A577123A65.apk

    • Size

      1.8MB

    • MD5

      0540a0998b2c3f0395b192a42a1cbc7e

    • SHA1

      4c9ff01441aace76582d355acb6b219762c2bab3

    • SHA256

      68807b45c752f41989f19651ad1a5e55addd57c8420df5c39d2b59a577123a65

    • SHA512

      f048a77ed41465cf65c8345e6a66a78503ce0ffb0cda13d0a90658ecb8461179f37c19fb352e3ac2d5b015704210f0b10576847d8ce3f632f551bc22956c5893

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.

MITRE ATT&CK Matrix

Tasks