General
-
Target
DEV_PORNO_YERLİ_İFŞA_VİDEOLARI_obf.apk
-
Size
4.6MB
-
Sample
210804-fvtyrcn5jx
-
MD5
bda0dc80bd225022dee98d7db05ffad5
-
SHA1
11569c6f438e2e885165128d43c382698674d743
-
SHA256
b8a12bb24e1ce1724ddec605f6c1c70f4a61273f8fc9cc76572f22531e3b871c
-
SHA512
2116b71a0b02a95e990be1f031223d10e1110c193f20b50f7efcb7293e75e272acef6ff837b53ea72e37d5d016681adf25b8559becc958cf35b10a1532904514
Static task
static1
Behavioral task
behavioral1
Sample
DEV_PORNO_YERLİ_İFŞA_VİDEOLARI_obf.apk
Resource
android-x86-arm
Behavioral task
behavioral2
Sample
DEV_PORNO_YERLİ_İFŞA_VİDEOLARI_obf.apk
Resource
android-x64-arm64
Behavioral task
behavioral3
Sample
DEV_PORNO_YERLİ_İFŞA_VİDEOLARI_obf.apk
Resource
android-x64
Malware Config
Extracted
cerberus
http://144.126.152.229
Targets
-
-
Target
DEV_PORNO_YERLİ_İFŞA_VİDEOLARI_obf.apk
-
Size
4.6MB
-
MD5
bda0dc80bd225022dee98d7db05ffad5
-
SHA1
11569c6f438e2e885165128d43c382698674d743
-
SHA256
b8a12bb24e1ce1724ddec605f6c1c70f4a61273f8fc9cc76572f22531e3b871c
-
SHA512
2116b71a0b02a95e990be1f031223d10e1110c193f20b50f7efcb7293e75e272acef6ff837b53ea72e37d5d016681adf25b8559becc958cf35b10a1532904514
-
suricata: ET MALWARE Likely Zbot Generic Request to gate.php Dotted-Quad
-
suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Requests enabling of the accessibility settings.
-
Reads name of network operator
Uses Android APIs to discover system information.
-