Analysis

max time kernel: 3609402s
max time network: 140s
platform: android_x86_64
resource: android-x86_64
submitted: 15-04-2021 20:02

Static task: static1

Behavioral task: behavioral1
Sample: 29d21cfc5299759a285ffe86ee9edd0cc2883a65edfba30cd738314823926789.apk
Resource: android-x86_64
Platform: android_x86_64
0 signatures
0 seconds
General

Target: 29d21cfc5299759a285ffe86ee9edd0cc2883a65edfba30cd738314823926789.apk
Size: 3.5MB
MD5: c851a900efcb00d89d683528365788bf
SHA1: eaa9e3487a10d3c5907bdfc2fb2d57e5023957a1
SHA256: 29d21cfc5299759a285ffe86ee9edd0cc2883a65edfba30cd738314823926789
SHA512: 346c0cb04fee66d700b6d91f862a48a0df33693f1851e4a0031afd075d8d9ecff466d58d613cd84f4cd25826385e1fee1e43e3cce50b1713ab1658efe46a308c
Malware Config

Extracted
Family: cerberus
C2: http://45.153.185.116/
Signatures

Processes:
  pid   process
  3611  project.salute.energy

Loads dropped Dex/Jar (2 IoCs)
Runs executable file dropped to the device during analysis.
Processes:
  ioc                                                                pid   process
  /data/user/0/project.salute.energy/app_DynamicOptDex/SpLhNR.json   3611  project.salute.energy
  /data/user/0/project.salute.energy/app_DynamicOptDex/SpLhNR.json   3611  project.salute.energy

Uses reflection (27 IoCs)
Processes:
  description                                                          pid   process
  Invokes method java.lang.Object.getClass                             3611  project.salute.energy
  Invokes method android.content.res.AssetManager.addAssetPath         3611  project.salute.energy
  Invokes method android.app.ContextImpl.getAssets                     3611  project.salute.energy
  Invokes method java.lang.Object.getClass                             3611  project.salute.energy
  Invokes method android.content.res.AssetManager.open                 3611  project.salute.energy
  Invokes method java.io.FilterInputStream.read                        3611  project.salute.energy
  Invokes method java.io.FilterInputStream.read                        3611  project.salute.energy
  Invokes method java.io.BufferedInputStream.read                      3611  project.salute.energy
  Invokes method java.lang.Object.getClass                             3611  project.salute.energy
  Invokes method java.io.BufferedInputStream.close                     3611  project.salute.energy
  Invokes method java.lang.Object.getClass                             3611  project.salute.energy
  Invokes method java.lang.String.getBytes                             3611  project.salute.energy
  Invokes method java.lang.Object.getClass                             3611  project.salute.energy
  Invokes method java.io.FileOutputStream.write                        3611  project.salute.energy
  Invokes method java.lang.Object.getClass                             3611  project.salute.energy
  Invokes method java.io.BufferedInputStream.close                     3611  project.salute.energy
  Invokes method java.lang.Object.getClass                             3611  project.salute.energy
  Invokes method java.io.FilterOutputStream.close                      3611  project.salute.energy
  Invokes method android.app.ActivityThread.currentActivityThread      3611  project.salute.energy
  Accesses field android.app.ActivityThread.mPackages                  3611  project.salute.energy
  Invokes method java.lang.reflect.Field.get                           3611  project.salute.energy
  Invokes method java.lang.Object.getClass                             3611  project.salute.energy
  Invokes method java.lang.ref.Reference.get                           3611  project.salute.energy
  Invokes method java.lang.ref.Reference.get                           3611  project.salute.energy
  Accesses field android.app.LoadedApk.mClassLoader                    3611  project.salute.energy
  Invokes method java.lang.reflect.Field.get                           3611  project.salute.energy
  Accesses field android.app.LoadedApk.mClassLoader                    3611  project.salute.energy