Extracted

• • Target

    6cfcb56eb93a507447e3ddba3cf76b3b

  • Size

    3.0MB

  • MD5

    6cfcb56eb93a507447e3ddba3cf76b3b

  • SHA1

    86f4f6c1d1ec35c27e2d24b652ab94a4ccfa19c6

  • SHA256

    f160c63d67ebf9a3a0c4ceba97386c52ba36f6255708d9374d04b5cf8857d0f7

  • SHA512

    421da1eadce4571f4de76917a990da086977b8dd0c3e0616ac72f328fc921cd8f2ecadb85fa1db576ab6322a3f16993ace11d774fd6338ecead1ddec28aa7dda

  • SSDEEP

    98304:mpl/KrDT94tYFOljKUA/XIK1jllhUlLnelEgM3PciY:q9wF4EJ1jlnUK78g

  Score

  10^/10

  alienbotbankerevasioninfostealerstealthtrojan

  • Alienbot

    Alienbot is a fork of Cerberus banker first seen in January 2020.

    bankertrojaninfostealeralienbot

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Removes its main activity from the application launcher

    stealthtrojan

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

  • Acquires the wake lock

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion
  behavioral1behavioral2