General

  • Target

    db026fe524d1ce98de04374ff374fdf0.apk

  • Size

    1.9MB

  • Sample

    220603-hdps5scab3

  • MD5

    db026fe524d1ce98de04374ff374fdf0

  • SHA1

    def50bc6a9d970846659c00fb529446af06483c7

  • SHA256

    dc215663af92d41f40f36088ec1b850b81092ea94a4a061a9ce88178daee965a

  • SHA512

    6102b8b355e30aa89befbd146564e00ac54ec2aea4f8ecc114edca226f6ffbf5210fe0484a20fa4b0a24098430450550d7ef7cef6acf72f8e94051b2630721cf

Malware Config

Extracted

Family

alienbot

C2

http://servicesc.xyz

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Removes a system notification.
