Overview

overview

10

Static

static

7

7787ca51a6...24.apk

android_x86

10

7787ca51a6...24.apk

android_x64

10

7787ca51a6...24.apk

android_x64

10

Analysis

  • max time kernel
    2559735s
  • max time network
    162s
  • platform
    android_x64
  • resource
    android-x64-arm64-20220621-en
  • submitted
    25-06-2022 01:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7787ca51a67c54a82a6e0a0378a2df1e9c3817560838fd3fcfc87d855686ef24.apk

  • Size

    1.4MB

  • MD5

    bd361bd641a75b16ae3e3ba388c3c42c

  • SHA1

    d9518d572c576afeabc568a53e6b7daa8dee76d7

  • SHA256

    7787ca51a67c54a82a6e0a0378a2df1e9c3817560838fd3fcfc87d855686ef24

  • SHA512

    42889c7993f957780c3392bbd341b550a4f263bdb9976e6d143f80bc4514310b3ddbb9648c48687f90a0db9d71e9093afb1307099575bb14d574c2b2e7495363

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://tyrantthrone.xyz

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Makes use of the framework's Accessibility service. 2 IoCs
  • Acquires the wake lock. 1 IoCs
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • ocrgwbhbazwrwsxoi.azqajwqcdpsn.dorpbrfy
    1⤵
    • Makes use of the framework's Accessibility service.
    • Acquires the wake lock.
    • Loads dropped Dex/Jar
    PID:4806
    • getprop ro.miui.ui.version.name
      2⤵
        PID:5800
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6535
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6578
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6841
            • getprop ro.miui.ui.version.name
              2⤵
                PID:6921
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:7318
                • getprop ro.miui.ui.version.name
                  2⤵
                    PID:7362

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • /data/user/0/ocrgwbhbazwrwsxoi.azqajwqcdpsn.dorpbrfy/app_DynamicOptDex/RbnU.json
                  Filesize

                  694KB

                  MD5

                  71af9635dadb0b61d4b994779fe9474f

                  SHA1

                  083697ac399e7f27c23e2fa18de400d6c4ae16d3

                  SHA256

                  1e99f925152e9fa9ca4b37cd0ce8b29d1b37b0794bd221f70b6107131b4f720c

                  SHA512

                  41fc40ca9a8b3d4a8b03c75cfb3d9be4de28191fadca409cd6198b90e30c87b65ef3fbb8428027c2bd7a647a754d25bcfdd0db7f8a49bab108ec192f1ebd39c7

                  Download Submit

                • /data/user/0/ocrgwbhbazwrwsxoi.azqajwqcdpsn.dorpbrfy/app_DynamicOptDex/RbnU.json
                  Filesize

                  694KB

                  MD5

                  890f5dcfe976d040943d0657921187bf

                  SHA1

                  fb0954481fa8ba91e44e8a1b156b84ac5bbb5909

                  SHA256

                  ce9b54128ae868af7b803eb241e34ee7ba7cef8a6bb9b8d31b58af9129ecfe29

                  SHA512

                  2d906524ad87b3efdef39c1dce928a6600c30e1c11fd7a2ffe911a996fc66d24c55324fa6fafa5db9686abacc7d250dc1c346cf9a358b2142d9c227fe7cf9cbf

                  Download Submit

                • /data/user/0/ocrgwbhbazwrwsxoi.azqajwqcdpsn.dorpbrfy/app_DynamicOptDex/RbnU.json
                  Filesize

                  694KB

                  MD5

                  890f5dcfe976d040943d0657921187bf

                  SHA1

                  fb0954481fa8ba91e44e8a1b156b84ac5bbb5909

                  SHA256

                  ce9b54128ae868af7b803eb241e34ee7ba7cef8a6bb9b8d31b58af9129ecfe29

                  SHA512

                  2d906524ad87b3efdef39c1dce928a6600c30e1c11fd7a2ffe911a996fc66d24c55324fa6fafa5db9686abacc7d250dc1c346cf9a358b2142d9c227fe7cf9cbf

                  Download Submit