General

  • Target

    73f666b3dc5ee66e202b3e365a524d5d

  • Size

    3.9MB

  • Sample

    240125-g6dqxaaeek

  • MD5

    73f666b3dc5ee66e202b3e365a524d5d

  • SHA1

    3195a268d5fe4c181cf4178322afe629b03f1064

  • SHA256

    00c462f5b13e3bf21cc7b913719188644fac34cfb7a80893d551bbf512bb8570

  • SHA512

    5abd49342885a144ae0284cd258fd3ba2a8311b6c932e2fe5619dc89e3947f9c7478978d44c836c4348f17d73f51c9ce4516d2dc204e9b93d800720d1cb9217c

  • SSDEEP

    98304:Xi2uReewCW9W0rXFHK5WHofObKH150wISG1qwlE9:S2SIvX+Gbc0mcqGo

Malware Config

Extracted

  • Family

    alienbot

  • C2

    http://a05qdzfe6qa1.xyz

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs an executable file that was dropped to the device during analysis.

    • Acquires the wake lock

    • Requests disabling of battery optimizations (often used to enable hiding in the background).
