General
-
Target
23b3e076cdab5b50881f23a26a0f7d1d64b600ea5a8856da2a4f3adab81203a6.bin
-
Size
1.9MB
-
Sample
231204-1wsa4afg7w
-
MD5
646587934709574ea4f9b1fab6e6a9bf
-
SHA1
49928e81110adc671b33191b49058709def46c07
-
SHA256
23b3e076cdab5b50881f23a26a0f7d1d64b600ea5a8856da2a4f3adab81203a6
-
SHA512
14797057550ee09330357c6793889cccb94680376f356221d2329582ac601f71631107d370cbfd42acdc0b2fd28caee1adc72b0cf565f9727864696af052b664
-
SSDEEP
49152:EZEf0UOWjhOs8KuVWU86zAIrw2xXA44udBaxC2qHhzG:E+cURAsoVWUbUIrwEXA44u3ax1ozG
Static task
static1
Behavioral task
behavioral1
Sample
23b3e076cdab5b50881f23a26a0f7d1d64b600ea5a8856da2a4f3adab81203a6.apk
Resource
android-x86-arm-20231023-en
Behavioral task
behavioral2
Sample
23b3e076cdab5b50881f23a26a0f7d1d64b600ea5a8856da2a4f3adab81203a6.apk
Resource
android-x64-20231023.1-en
Malware Config
Extracted
alienbot
http://bpargastasyas.ml
Extracted
alienbot
http://bpargastasyas.ml
Targets
-
-
Target
23b3e076cdab5b50881f23a26a0f7d1d64b600ea5a8856da2a4f3adab81203a6.bin
-
Size
1.9MB
-
MD5
646587934709574ea4f9b1fab6e6a9bf
-
SHA1
49928e81110adc671b33191b49058709def46c07
-
SHA256
23b3e076cdab5b50881f23a26a0f7d1d64b600ea5a8856da2a4f3adab81203a6
-
SHA512
14797057550ee09330357c6793889cccb94680376f356221d2329582ac601f71631107d370cbfd42acdc0b2fd28caee1adc72b0cf565f9727864696af052b664
-
SSDEEP
49152:EZEf0UOWjhOs8KuVWU86zAIrw2xXA44udBaxC2qHhzG:E+cURAsoVWUbUIrwEXA44u3ax1ozG
-
Alienbot
Alienbot is a fork of Cerberus banker first seen in January 2020.
-
Cerberus payload
-
Makes use of the framework's Accessibility service.
-
Acquires the wake lock.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Removes a system notification.
-