General

  • Target

    a24a81e17d50f68e260aef75a93f61c354df71f3309e11a48d9e55f6a910775a

  • Size

    3.6MB

  • Sample

    210416-6n8yqe4xd6

  • MD5

    e09c3544b8ed5b86fadd0492776fe768

  • SHA1

    04867928c807cc9d7456d8ae1ef8a8dfa1b91480

  • SHA256

    a24a81e17d50f68e260aef75a93f61c354df71f3309e11a48d9e55f6a910775a

  • SHA512

    fc2a364668298bb0af8f177b99cbea74af40b37e16f0d77638a4b3d84519458074813fffc0ba210c538f35bb0368094a73b33dde64bfa63cf46d8047cf621006

Malware Config

Extracted

Family

cerberus

C2

http://gustarones.ga

Targets

    • Cerberus

      An Android banker that has been rented to actors since 2019.

    • Removes its main activity from the application launcher

    • Checks Android system properties for emulator presence.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.
