Extracted

• • Target

    6245fa164605d119c883a056c185f3fd9c502eba4ef08290bdc053b0db68466e.apk

  • Size

    1.4MB

  • MD5

    63bd520e98ceea016ef2377e97f0bfda

  • SHA1

    771f954bcd2570d012cc82f3bc90789116b618ff

  • SHA256

    6245fa164605d119c883a056c185f3fd9c502eba4ef08290bdc053b0db68466e

  • SHA512

    237241a9f54116ba931f5c50884a1bd686562d198d12391054ee3338a46ff44003a3a0fe115a959f79a01e0ce46f18efe12255b613872b55cdf79e0622a41e33

  • SSDEEP

    24576:tkzaymuPbH/3ZB9xiIK1fkm0cIoJHEHc7OrsSfm7BrB+cRMVy10UEF8:62uPb/ZxiI5tcxHEHc7M8BrlMVsEF8

  Score

  10^/10

  alienbotbankerevasioninfostealerransomwaretrojan

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot

  • Renames multiple (162) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Renames multiple (164) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Renames multiple (166) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Makes use of the framework's Accessibility service.

  • Acquires the wake lock.

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

  • Removes a system notification.

    evasion
  behavioral1behavioral2behavioral3

• • Target

    actionsQueue.js

  • Size

    14KB

  • MD5

    02b28e8b78ee30fa36b451f59984e265

  • SHA1

    4ed97513f394305e3fde9b217945a919cafc1181

  • SHA256

    61de71f86447e698d48ca9e4f691c3bbbe3997f31323ea8441c3e5994092a09b

  • SHA512

    e0e82b929c05670cba2d2fdb85a0092665648bc0a299546e80ef091d61fbca3e63fcb576443cd6c047f3eaa8d8443c61eeaf258fe56251cf83889a7a560dec57

  • SSDEEP

    192:ylpi0RiSH+IGqSCz84o3SCFia31NsjIsjYxqi+MC/RSYFIF8zE4Ogtu69xIOHEMa:mNeICibDI94OnXgPKce

  Score

  1^/10
  behavioral4behavioral5

• • Target

    mraid.js

  • Size

    44KB

  • MD5

    b8e2504def9c61f2d1350a6fb33c8ab6

  • SHA1

    29b50211f8c1adce03de566dc04ab8e00a28b0a5

  • SHA256

    3bc6833d3a84fae3e4a74ba05b12945e8cd76b5a9f2a1ff5ccffbf61cdb4ed3a

  • SHA512

    ea33c05fa27aae50bf2b2424994e998bae86d32fa2c5b8f19f7cecb2f2c700e731c25721c38acca76155a9b485b84df6f6ee0f70aa6ae8ac3c326bf0f70403af

  • SSDEEP

    384:QNeICibDI94OnXgPKLeALdCW/yi8Ld8U7mPO:QIIrbJKi

  Score

  1^/10
  behavioral6behavioral7

• • Target

    omsdk-v1.js

  • Size

    38KB

  • MD5

    ad0804e22766a82341b4cbe639b526cf

  • SHA1

    a1458ea624e10faaaf141db97d90ccfcb7f3c075

  • SHA256

    4c61d4b14a471fe10f71845713be9417cfbd90222a41c9c8023e915a231a3be2

  • SHA512

    a68e23dd287626a3670b1fd52a3cb18a158d3d7636b1a1bc473f61fb213f70a8488dc6c830ac53a3653f4457e74c71a2483992c3d2d69f586c89f810f2bb0907

  • SSDEEP

    768:RRB6W8jP2VVh4gKqf3y6iPxjggbtoPqaK57Q2/9vt5ZBFus9cAZhmUs+2ZnIezGp:RRBv872zf3anxoPqaK57Q2/9vt5ZBF5J

  Score

  1^/10
  behavioral8behavioral9

• • Target

    shape_01.svg

  • Size

    691B

  • MD5

    d20372ff49cbc552ba46c3d0e75d7bcc

  • SHA1

    7e3fd9c5b99a7857fa4d8cd2447f405d2054d6cb

  • SHA256

    e1dc2b963cac22f2b7d91148108b89131cacab682c7887665303c5bdb66a3ad5

  • SHA512

    d4864d4f9086ef5ecfe4fd3819983d41500fe9f7e64d787130699b5bcaf09e501a2b3143ebbd3398062446cea650898f9f9ddcd9792ed41a10275a93323254dd

  Score

  1^/10
  behavioral10behavioral11

• • Target

    shape_02.svg

  • Size

    871B

  • MD5

    b1f4cc6d1c954e73cc6e7d8b47c4db8f

  • SHA1

    986ea9addedb45a0d3c8c6c70a636e870959b79d

  • SHA256

    0b0c35ce63044f7756cf201f5978f44c439805e524c365ae9949994347487b79

  • SHA512

    77d46d25ddf91c010f69ebad82800575b4cb0be4bc5e8199bd5d877a2e6a624e0f455268d8f26aaae2f5180a3c2b6dbe8bb782017c6e342960c1e7a26ae43d64

  Score

  1^/10
  behavioral12behavioral13

• • Target

    shape_03.svg

  • Size

    779B

  • MD5

    8f9ecb2cd3049793539c46ee7944e909

  • SHA1

    219d16f259268c617e5a51fe629422b1b27cd297

  • SHA256

    08384b22c6e21884c41f2472773f93d0d9dd58ccd126c854ffc4ddfdcd4b3a3e

  • SHA512

    031175aa290fc2d0f0307f5597593dff1355e269f29a0d964e923e4546b72600e0665ad56d737f3f90562152f66070d1ca8c9d15bcd811c37cfb25ac234722b9

  Score

  1^/10
  behavioral14behavioral15

• • Target

    shape_04.svg

  • Size

    828B

  • MD5

    07377bd1a13bbec7af35e95af89b4245

  • SHA1

    d2059d04e0072ba94d4267e8c220e56662422fec

  • SHA256

    8a2ef1ac06c3071986fdc48a0e16934acc6cbbe73b8196d33d3c17d15798ef29

  • SHA512

    8860e198ca78c09d135afc0852dc995ddfa9fa104c2dcfa55de4f20a31f134ebcc6af285d2112e8db7c0934607917dff62349806c62f29cf755b8ed3f63ddb51

  Score

  1^/10
  behavioral16behavioral17

• • Target

    shape_05.svg

  • Size

    471B

  • MD5

    d088bfa4b1e206c8c5ed88405855f767

  • SHA1

    1cc0925ff6a38384f466560cc86b1afcadbeb15c

  • SHA256

    2f7924e1f2537622b8617a051765bd4fe57272e9f14a37f4bbe127269c522434

  • SHA512

    d1ceda7c098a5934f1808d9b89bcb7fa8809a1f084e915ea0c12ee9070b854ae9d625eaccee3af3db5d50a07438eeb346b01ea73463fe5e34b988a7663321b79

  Score

  1^/10
  behavioral18behavioral19

• • Target

    shape_06.svg

  • Size

    1KB

  • MD5

    f804c3c0fc87fae049b25a827c8af161

  • SHA1

    445ad3b8c8d54a5ef32b25289d76907b4d32c9a2

  • SHA256

    f51e36583711e18097f4526a3303cec7efa3609f96c8051a5eb4ad0c003abdab

  • SHA512

    bdded52d78a6dfd4dd37327a752aef85cb9235a03702fec858696643b5d884970e3896b737dc1f894888ae6bc4e5b8ea2bfb7822b3ecfa87e34a7f25ffb33cc7

  Score

  1^/10
  behavioral20behavioral21

• • Target

    shape_07.svg

  • Size

    784B

  • MD5

    d1bee0d28e01bd093c9ee30578b7fe78

  • SHA1

    2a8fcb49d4d3db9bba638b7d28b4c4832f4b9509

  • SHA256

    ac0512690b503d3ffeedada617e823d6406f3376b06f7b8f1f5db2abbc9a3686

  • SHA512

    ccd64fadcfaa5ea02c586aeeac45e3169a685b4087e23f1fda26522b1286bba434b4431b337349ecfb1f3233aaf054aa8940ba9f03e973718d7a796da53d12c6

  Score

  1^/10
  behavioral22behavioral23

• • Target

    shape_08.svg

  • Size

    878B

  • MD5

    fd27ff18671bd9933efa7d68dbf44943

  • SHA1

    eae33d6920e9eafb83a5fb2af395382888b458e4

  • SHA256

    c7680eccf1e8e90e2d21a0e2662a1a37498707018504cd532d2cfe911587b21c

  • SHA512

    e362165c993f2907d90ab4a097da695824011cef12b11325e2ba98820332d74430f74d41282ef0b8df5f88cb4d0e3ba5f93a0f38785b3ccb298a67186321be24

  Score

  1^/10
  behavioral24behavioral25

• • Target

    shape_09.svg

  • Size

    768B

  • MD5

    d27d23e513bd38323c5d0d2330ef3dcf

  • SHA1

    4a25cabf4c9c56d2bd2c3c900d412794a01f67c8

  • SHA256

    f50fe6ce471e0fed4114baef0576045b742c49bdd4b611c543e42521db5f2822

  • SHA512

    3780e6b964cb462594166c2cea602a5473f83567f4cd09a94070499b700a8ef355392f5286bb9ace3b22fe7c066cac5ec4c47e287254cae329fc9accee488d64

  Score

  1^/10
  behavioral26behavioral27

• • Target

    shape_10.svg

  • Size

    715B

  • MD5

    8545c9dc5c7522eb34ea8d9c68ad5837

  • SHA1

    c9779b56acf305b9043e6dfdec028c9ed237c3ec

  • SHA256

    5b636675810369b867dcc1ab60bdae914f55066319220ca108b6f672a66a35ef

  • SHA512

    6fe3e65e4d090644e73a145d84e13df56f18149cc7240890764e08d64bdcb905df2e99b54f414307ab3d6eba081cb115c27839f4e2dd9eef6033d9f3e4bb62a2

  Score

  1^/10
  behavioral28behavioral29

• • Target

    shape_11.svg

  • Size

    754B

  • MD5

    c3afcbd5b1c0a44d3a2fcb3022914660

  • SHA1

    01926b15d96092a156099405a6e7fadfd9f01d73

  • SHA256

    68be9c2482cd98defc5a883eac39155058dbfc1a42f132d072e11bde535f85f1

  • SHA512

    a2e2b061f3368c118b4351658c542e9e71116d208d370ad7c86592c36dde254433e92af6ed4a515f1137c9bb0a49f8d83d00a9272a4280aca72e67cf23931dfb

  Score

  1^/10
  behavioral30behavioral31

• • Target

    shape_12.svg

  • Size

    790B

  • MD5

    50d9b5c730e556fd1fc58dc7cfcde462

  • SHA1

    e176be5adae387cfeb844a29d4d3b9e21aecde45

  • SHA256

    eca64c20277cd4bd86b30845cf02052e68f6f470c5fdeb57e95ff151d5b8673f

  • SHA512

    cd4317cf36810f11a90cc04eabee0340e1c38878d74acca38f6dbdc48a8c8872a22d17d4f82afe6e9cd3ba2c7b1c6257aa6b532d0020a981b099413cbddc88a1

  Score

  1^/10
  behavioral32