Overview

overview

10

Static

static

Android APK

android_x86_64

10

Analysis

  • max time kernel
    4008021s
  • max time network
    142s
  • platform
    android_x86_64
  • resource
    android-x86_64
  • submitted
    20-04-2021 10:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Androidupdate.apk

  • Size

    2.6MB

  • MD5

    e6122601d0025dce56d420a66b6aadba

  • SHA1

    dae25433a7a016f5fff5610209ff27ba78b33e2d

  • SHA256

    72947cc5aaeda9164442abb39abba89a977445c3f90d3abf9f07ae1498fffcec

  • SHA512

    96f776e932e2a6cdf7865d6c41b8bd112347c98b3f47a2ce3941bb2fb84af5eeca2c9e9923665aa4c5e7b13ad6b2863b20181095da250189f7383471030d76e9

Score
10/10
cerberusbankerevasioninfostealerobfuscationratstealthtrojan

Malware Config

Extracted

Family

cerberus

C2

http://20.190.192.187/

Signatures

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus
  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Tries to add a device administrator. 1 IoCs
  • Uses reflection 27 IoCs
    obfuscation

Processes

  • fall.hair.prison
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Tries to add a device administrator.
    • Uses reflection
    PID:3635

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads