General

  • Target

    Androidupdate.apk

  • Size

    2.9MB

  • Sample

    210420-2mpbh39632

  • MD5

    24590d7cc10202a4a3c6f32c69444c24

  • SHA1

    7ee63438214a36409299b3c222bda1e03f4fdc4d

  • SHA256

    a8992af67f4e7fc5ebcadf2ae69ae71dd61731f7c83f2c7597ed74cf8a171622

  • SHA512

    1131f378d62d9deed30ecd1633e1d1c4340f7d3f2ae6fb1f27f1763e261f488c61cfe03175dc05d32070a958b86b3334ace025b623d130f04880e71cd7c57e37

Malware Config

Extracted

Family

cerberus

C2

http://20.190.192.187/

Targets

    • Target

      Androidupdate.apk

    • Size

      2.9MB

    • MD5

      24590d7cc10202a4a3c6f32c69444c24

    • SHA1

      7ee63438214a36409299b3c222bda1e03f4fdc4d

    • SHA256

      a8992af67f4e7fc5ebcadf2ae69ae71dd61731f7c83f2c7597ed74cf8a171622

    • SHA512

      1131f378d62d9deed30ecd1633e1d1c4340f7d3f2ae6fb1f27f1763e261f488c61cfe03175dc05d32070a958b86b3334ace025b623d130f04880e71cd7c57e37

    • Cerberus

      An Android banker that is being rented to actors beginning in 2019.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Tries to add a device administrator.

MITRE ATT&CK Matrix

Tasks