Extracted

Extracted

• • Target

    6bf19afb35a30eed664695da5da89cb40de5e48eea9a2d6c69b45bfcf91a47c2.bin

  • Size

    1.7MB

  • MD5

    4da61d6c27c249efc85620259be13bac

  • SHA1

    b6956a721bf31f79cbd6d007bfab1ee16802c31d

  • SHA256

    6bf19afb35a30eed664695da5da89cb40de5e48eea9a2d6c69b45bfcf91a47c2

  • SHA512

    f7f758a5d932cb35ce5887d0e9b7c1b74e153bffae7d3fe2b0f444f184d286c2962330348a3d12a19343da76a030200f09404dd141010b7301b2433a7ddd00eb

  • SSDEEP

    49152:ah2aDDwtJtw04TL9p/dimTuFAT5gK+rBXStFjUPzP:s2aHT0Ap/lTKyKVrBXl

  Score

  10^/10

  alienbotcerberusbankerevasioninfostealerratstealthtrojan

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus

  • Cerberus payload

  • Makes use of the framework's Accessibility service.

  • Removes its main activity from the application launcher

    stealthtrojan

  • Acquires the wake lock.

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion

  • Removes a system notification.

    evasion
  behavioral1behavioral2behavioral3

• • Target

    courses_video_playing.json

  • Size

    9KB

  • MD5

    0a87f9f63ccf3a849b4bac428652d9b8

  • SHA1

    ac60b18dba68d11bc6ae9f52e122863cc07731f9

  • SHA256

    50f1d598067abf1c1e5c86bf1ea20990aef323c1cc11076745241ee7ecf81dbf

  • SHA512

    d59985c8dc557f405f175e45d02232baa0120b46eabf8c50b1fb114f6fa8814eb2001b306ee1163bee159a51d25e31d4d3ca6cfb2246476d04f8054be5a19cb4

  • SSDEEP

    192:CqxQT8oOlv7RlX74A5xqxQT8oOlxRlX74A50qxQT8oOlZRlX74A5s:zQg9V7HrSQg9/HrrQg9DHr+

  Score

  1^/10
  behavioral4behavioral5

• • Target

    libbuffer.so

  • Size

    9KB

  • MD5

    897d922700bcf1aca5918a164ef1440e

  • SHA1

    7143fe641eb305728c0ea9acbcdae9a70f12241f

  • SHA256

    2d686f6207da9ae44e1cb685a23b4d42fd34121d18b6b5f030cddca240285609

  • SHA512

    95a8d7ba0e16a97a7743431420900eb589510329604bb367567138faee92b52e5aa8010b7d1c79a2a6710c56ec7b818d349b48121e43f7f7d8924edb999cafed

  • SSDEEP

    96:Yv7VewWHZxKk6zYV0SedRXUuqae2ZpQR7NLyX5OzTdAND+y3AhO5j6lSrghkn8b/:pedREuqx2ZpQRMJE+ND+y3iomp+Q

  Score

  1^/10
  behavioral6behavioral7behavioral8behavioral9

• • Target

    libfile_lock.so

  • Size

    9KB

  • MD5

    283d2c51232643111ba327716d3b987a

  • SHA1

    360786b706adc4cea7eebd76790a4be374f9b84e

  • SHA256

    1727ae064d3914cf3bf1fffe17f501c22eb508e2e3cc9df2608388baf591ad00

  • SHA512

    bad154781f46cc03fcf8cc76bb853dd7fa2b096ada1257bd01578f68d7e53f9061c4f8635b49e9916c22b26036ad8aaa4e7d954f62128a2e8d371628c948bd3b

  • SSDEEP

    96:HYCM0TQ4wtUV5JKEh6wayklj6lSrghCn8b/:HwgtYHlmpEQ

  Score

  1^/10
  behavioral10behavioral11behavioral12behavioral13

• • Target

    libnative-filters.so

  • Size

    22KB

  • MD5

    065d68c589a9ded50b3f78136cebea0e

  • SHA1

    d2bc658a4885831e4694712be0b21e6d0f84ed5e

  • SHA256

    fe0452f50029db4a8425bb411823a0cbdb307a59c9ab9d87bca012ad13bede1b

  • SHA512

    ac1d9c720551c32f1a1b044cf7c0d718f2ec0ad3f504577c0481d8e82117c5e3953191e4930c64f05c6dc7b699abb86070b6fecb63e768d04fa9ee2d8db18365

  • SSDEEP

    384:FIQtzM2+vCgBWgd55j+vQ1Vbqh7QXdeppuLmFTGB:X6yQ5531VkmQSLB

  Score

  1^/10
  behavioral14behavioral15behavioral16behavioral17

• • Target

    libnpth_dl.so

  • Size

    25KB

  • MD5

    2eb075398ec339a8fe223422607a1486

  • SHA1

    0c9d36b7ce43d8b1b64aae2818b01ff93c750f35

  • SHA256

    dc202072c4c63026cc8db2ca9eafef5653d3200f10b042d966af895e6d55784f

  • SHA512

    fb2530c5e6a7bd87e8d568b9dcfca223aecb442f3428047fce0f9f51812189e7967cbcba38f64ca6883f5903c546aa6e33598c881dae522ec40398e740be5f3d

  • SSDEEP

    384:ggvtKrXk7/qkl77v5CCtmQhJUnyCyzlHamfwxe60Q9vygS86:gWtKrijl77v53mQhJU8l7fwxe60QFytl

  Score

  1^/10
  behavioral18behavioral19behavioral20behavioral21

• • Target

    libnpth_logcat.so

  • Size

    26KB

  • MD5

    9bdbc18721b50f64e7f3cac0cb23ea5f

  • SHA1

    fd8cf0119ce324b947de0865959a27133cdf5975

  • SHA256

    a0f687adb77db1187027ed106362c96c3ba41089f73d0e5b11645565d571f055

  • SHA512

    ac0efe2f4d1bb8ccf63b54d40a233581005febe5e53d7e96bb26e00ff23a63430a1207c21525971ecd82567542e5ae18c6ecd4596da19d8cbcc849af48936fe0

  • SSDEEP

    192:ucR5VdgUKnG0OGA7GDnNdi5506iUe4Geqba4B8uD7kzV1xN56wss9lvhAn1poQVd:uSwLRDnNdi5LaB1szlKsKAQK0F15

  Score

  1^/10
  behavioral22behavioral23behavioral24behavioral25

• • Target

    libspeechengine.so

  • Size

    17KB

  • MD5

    4d30be74c59b81f35e1c8abfc2bfe76c

  • SHA1

    4a05d65891eff650aa51967b90fbc340fee3aa12

  • SHA256

    4763c295909d1358ed4776c7c68fe77fb73c35c8530e2bd6fcd49b9bf844a733

  • SHA512

    e102aceabb24b4bdff87b5f5f5649b2dce8b45cb6ffe25d052e86e9946f74b8fd71337c86cc1b96853f4f1c7ef59ca6619b1775ae9752d38681aae99a3ab455a

  • SSDEEP

    192:IFs5F1Fd37v6opzILAXGA5wH25vDM0M+e6ZrT29j+LOTot8xge:IFmL5wH25o0Leo2omie

  Score

  1^/10
  behavioral26behavioral27behavioral28behavioral29

• • Target

    libtraceroute-lib.so

  • Size

    21KB

  • MD5

    d370d3a28456d8b59a313262c8e8b9c7

  • SHA1

    50f3f3aff712fe794f1cffd0043fe213b8138b1d

  • SHA256

    ac3e3f9cf04bd01e7225b3044bd5e8c7022260a6f543f838b92471886468e3c2

  • SHA512

    c94fbb302ac34ec97c6cf6ba7de70d4af1744bdf540e96364299190c089d5f8d227177b3f869a32441db6eb389059a057e0d87b5897338f6a95509ce70a716ae

  • SSDEEP

    384:2nJwEu/Rgica83RorLYLCrGKW6m4uBFdXWjZ:/RXcePy6EBI

  Score

  1^/10
  behavioral30behavioral31behavioral32