Analysis

  max time kernel:  4002711s
  max time network: 129s
  platform:         android_x86_64
  resource:         android-x86_64
  submitted:        20-04-2021 09:17

Tasks

  Static task:      static1
  Behavioral task:  behavioral1
    Sample:         Flashplayer.....apk
    Resource:       android-x86_64
    Platform:       android_x86_64
    0 signatures, 0 seconds
General

  Target:  Flashplayer.....apk
  Size:    4.0MB
  MD5:     b2d77459b93ea208e0567e648f4244d0
  SHA1:    850db541816850c12e53970c0d4b3f2a36c464ef
  SHA256:  80b543537957e43444cf5adaf27a152318a97cf115ce97e4e4f104c761257a49
  SHA512:  93caa5c973879dd8b067cfbc7d19eb1d16a11ebe515a95797c595b2bb2e5b2ab5ad14d45a1c719381be898a7ff67d925363a0999fac0ff668a8857053c113ee4
Malware Config (extracted)

  Family:  cerberus
  C2:      http://144.76.80.117
Signatures

  Processes:
    pid   process
    3611  weather.machine.culture

Loads dropped Dex/Jar (2 IoCs)
  Runs executable file dropped to the device during analysis.
  Processes:
    ioc                                                               pid   process
    /data/user/0/weather.machine.culture/app_DynamicOptDex/srlX.json  3611  weather.machine.culture
    /data/user/0/weather.machine.culture/app_DynamicOptDex/srlX.json  3611  weather.machine.culture

Tries to add a device administrator (1 IoC)
  Processes:
    description    ioc                                     process
    Intent action  android.app.action.ADD_DEVICE_ADMIN     weather.machine.culture

Uses reflection (27 IoCs)
  Processes:
    description                                                       pid   process
    Invokes method java.lang.Object.getClass                          3611  weather.machine.culture
    Invokes method android.content.res.AssetManager.addAssetPath      3611  weather.machine.culture
    Invokes method android.app.ContextImpl.getAssets                  3611  weather.machine.culture
    Invokes method java.lang.Object.getClass                          3611  weather.machine.culture
    Invokes method android.content.res.AssetManager.open              3611  weather.machine.culture
    Invokes method java.io.FilterInputStream.read                     3611  weather.machine.culture
    Invokes method java.io.FilterInputStream.read                     3611  weather.machine.culture
    Invokes method java.io.BufferedInputStream.read                   3611  weather.machine.culture
    Invokes method java.lang.Object.getClass                          3611  weather.machine.culture
    Invokes method java.io.BufferedInputStream.close                  3611  weather.machine.culture
    Invokes method java.lang.Object.getClass                          3611  weather.machine.culture
    Invokes method java.lang.String.getBytes                          3611  weather.machine.culture
    Invokes method java.lang.Object.getClass                          3611  weather.machine.culture
    Invokes method java.io.FileOutputStream.write                     3611  weather.machine.culture
    Invokes method java.lang.Object.getClass                          3611  weather.machine.culture
    Invokes method java.io.BufferedInputStream.close                  3611  weather.machine.culture
    Invokes method java.lang.Object.getClass                          3611  weather.machine.culture
    Invokes method java.io.FilterOutputStream.close                   3611  weather.machine.culture
    Invokes method android.app.ActivityThread.currentActivityThread   3611  weather.machine.culture
    Accesses field android.app.ActivityThread.mPackages               3611  weather.machine.culture
    Invokes method java.lang.reflect.Field.get                        3611  weather.machine.culture
    Invokes method java.lang.Object.getClass                          3611  weather.machine.culture
    Invokes method java.lang.ref.Reference.get                        3611  weather.machine.culture
    Invokes method java.lang.ref.Reference.get                        3611  weather.machine.culture
    Accesses field android.app.LoadedApk.mClassLoader                 3611  weather.machine.culture
    Invokes method java.lang.reflect.Field.get                        3611  weather.machine.culture
    Accesses field android.app.LoadedApk.mClassLoader                 3611  weather.machine.culture