General
-
Target
AndroidUpdate.apk
-
Size
2.3MB
-
Sample
201122-mefata6ww6
-
MD5
570d868aca95df74b7e3a2b8005cda2b
-
SHA1
fe3b0d48e0d75e70eeb546448fb25e52e4ab6cff
-
SHA256
b1908d38e44242eece0cc1d11e51cf482400977f110d8210ff9c12d7365af743
-
SHA512
82f2b3f82e440b8b6c7f9335d98a9a4a169ee934233d43d94f28ae2a872d55daf26ff8ada6ea67a3db0ecd8edbd452595a815aca44caf2d1060a1b9e52915b2c
Static task
static1
Behavioral task
behavioral1
Sample
AndroidUpdate.apk
Resource
android-x86_arm
Malware Config
Extracted
alienbot
http://bestof12beach.xyz
Targets
-
Target
AndroidUpdate.apk
-
Alienbot
Alienbot is a fork of the Cerberus banker first seen in January 2020.
-
Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Tries to add a device administrator.
-
Reads name of network operator
Uses Android APIs to discover system information.
-