General

  • Target

    3d30b7df52672307b20beb1deb7b3b18e06edca63a6583d92125cba8329da107

  • Size

    1.5MB

  • Sample

    220701-fzav1adfdk

  • MD5

    59acb3a6f6568418649f26aee690dffa

  • SHA1

    d5d5e021311b81beb692ee02ae5f95be7f9e5592

  • SHA256

    3d30b7df52672307b20beb1deb7b3b18e06edca63a6583d92125cba8329da107

  • SHA512

    0dff1a2909a9cb4fdd34025ea4301db9661a4f672d6a96411be105d09b0116d5d3c054e33f8cb1baac4100db6c1a4f6dfbcb11bcfeea59f412be7cdcacb92fea

Malware Config

Extracted

Family

alienbot

C2

http://botprivate.ug

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.
