General
-
Target
7ab51fb20608701fbceecffd076ca81f.apk
-
Size
1.4MB
-
Sample
220821-jffhxshch6
-
MD5
7ab51fb20608701fbceecffd076ca81f
-
SHA1
49011c5b76a07e4fdd310ce1310e727dcc068268
-
SHA256
b76dc5d0e102e3c3ea30c6977114e98ab1198e7e8a6556487d375a198b647d7b
-
SHA512
9b16f418e29ebedd957814285478e57bc254fa4615e13038da05c66d56ef7c78b0cc03a42c50af0cbd76730aca4b6a14cc670137a09520fda394ef0e5fb4ab22
-
SSDEEP
24576:eQS4T5L2UYrD3RcXiTvOujfYpbdKJ+nVFarFD2wi5iQIhhBHTym5lVtc8P:55HKDB2i7jfgbd3AFDkqhly6BcC
Malware Config
Extracted
alienbot
http://aslaolmazdenemyardim.co.vu/
Targets
-
-
Target
7ab51fb20608701fbceecffd076ca81f.apk
-
Size
1.4MB
-
MD5
7ab51fb20608701fbceecffd076ca81f
-
SHA1
49011c5b76a07e4fdd310ce1310e727dcc068268
-
SHA256
b76dc5d0e102e3c3ea30c6977114e98ab1198e7e8a6556487d375a198b647d7b
-
SHA512
9b16f418e29ebedd957814285478e57bc254fa4615e13038da05c66d56ef7c78b0cc03a42c50af0cbd76730aca4b6a14cc670137a09520fda394ef0e5fb4ab22
-
SSDEEP
24576:eQS4T5L2UYrD3RcXiTvOujfYpbdKJ+nVFarFD2wi5iQIhhBHTym5lVtc8P:55HKDB2i7jfgbd3AFDkqhly6BcC
Score10/10-
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
-
Makes use of the framework's Accessibility service.
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Removes a system notification.
-