Overview

overview

10

Static

static

7

7c83490803...0b.apk

android_x86

1

7c83490803...0b.apk

android_x64

10

7c83490803...0b.apk

android_x64

1

Analysis

  • max time kernel
    2560188s
  • max time network
    149s
  • platform
    android_x64
  • resource
    android-x64-20220621-en
  • submitted
    25-06-2022 01:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7c834908030f6884afde99b50812f20ccd5253ae1df1d9370a2d0a201014af0b.apk

  • Size

    1.5MB

  • MD5

    292c9e26ffe79e019bb67c1a4cf53d77

  • SHA1

    65c4ce134b9221c59a923f3c5f06cad528edb0fd

  • SHA256

    7c834908030f6884afde99b50812f20ccd5253ae1df1d9370a2d0a201014af0b

  • SHA512

    4d863adc866d9f07c51310f3f651ac3d0bf144708addf9aa04f5aa005901eb9a5553c20aa21e12de17f6b250d15933f3897e5b59cc402b153d0095fec82bb898

Score
10/10
alienbotbankerinfostealertrojan

Malware Config

Extracted

Family

alienbot

C2

http://odry.london

Signatures

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

Processes

  • fethqzabypgsytcqkccz.jqinmjugfzjojibhbwmz.tsxjdhotcktyfgqoiapzgjwugp
    1⤵
    • Loads dropped Dex/Jar
    PID:6121
    • getprop ro.miui.ui.version.name
      2⤵
        PID:6332
      • getprop ro.miui.ui.version.name
        2⤵
          PID:6751
        • getprop ro.miui.ui.version.name
          2⤵
            PID:6864
          • getprop ro.miui.ui.version.name
            2⤵
              PID:6977
            • getprop ro.miui.ui.version.name
              2⤵
                PID:7012
              • getprop ro.miui.ui.version.name
                2⤵
                  PID:7047

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • /data/user/0/fethqzabypgsytcqkccz.jqinmjugfzjojibhbwmz.tsxjdhotcktyfgqoiapzgjwugp/app_DynamicOptDex/IQm.json
                Filesize

                658KB

                MD5

                4f0ed2c40656977fa8cea45e0f351e09

                SHA1

                99dae1e4ceb6928d041695a11af394cdf5d0b1d7

                SHA256

                c5be51f04478f51cc1f997e3bb389b3faae35738890e199bccfb198df435cf81

                SHA512

                5898c5d1dc66015af97972d9a8f1801fb41e712ecfcad7007a03c82ee3e9a182d169490941ede5ee1b32405b35b028d3a6dd689b08e413f9f7ee60de871c98d1

                Download Submit

              • /data/user/0/fethqzabypgsytcqkccz.jqinmjugfzjojibhbwmz.tsxjdhotcktyfgqoiapzgjwugp/app_DynamicOptDex/IQm.json
                Filesize

                658KB

                MD5

                94ce26115df1664aa1adf1a05682deba

                SHA1

                bf4b0171c70ca56559bb219312bf53023cf1ad18

                SHA256

                0c03c7d4b144b7b2b95f0d5335ef4fcd5a9b8b74bb0a65f747392f9117f6afe9

                SHA512

                eefac54b5aeb6a4b629f9a925101be9a3192834a1248b3f129c6a04a9227740d0a3c4ebd98c610ddfa304ecedc4a086134d35142e80676a5b1775e2a357634b9

                Download Submit

              • /data/user/0/fethqzabypgsytcqkccz.jqinmjugfzjojibhbwmz.tsxjdhotcktyfgqoiapzgjwugp/app_DynamicOptDex/IQm.json
                Filesize

                658KB

                MD5

                94ce26115df1664aa1adf1a05682deba

                SHA1

                bf4b0171c70ca56559bb219312bf53023cf1ad18

                SHA256

                0c03c7d4b144b7b2b95f0d5335ef4fcd5a9b8b74bb0a65f747392f9117f6afe9

                SHA512

                eefac54b5aeb6a4b629f9a925101be9a3192834a1248b3f129c6a04a9227740d0a3c4ebd98c610ddfa304ecedc4a086134d35142e80676a5b1775e2a357634b9

                Download Submit