cerberus | d48716e849c364736f9165938d3cdce59e2375124bfe642fe7bf93ba975ac736 | Triage

Sharing

General

Target

Android_Güncelleme.apk
Size

4.7MB
Sample

210804-hpqb4zf2fx
MD5

ea549b5bab8401c83462f15718bc9a88
SHA1

46f06b4b55ed2107c4919206b3a8121fedf1360d
SHA256

d48716e849c364736f9165938d3cdce59e2375124bfe642fe7bf93ba975ac736
SHA512

7c5b8da7df01c47dd4413bfa55b4018acf60c8e05a06c995ca08dc1aec9019116efece590340ae3d095d8331050e239024edd1bb7c15def5ffb782d45245d265

Score

10^/10

cerberus android banker evasion infostealer obfuscation rat trojan

Malware Config

Extracted

Family

cerberus

C2

http://144.126.152.229

Targets

- Target
  
  Android_Güncelleme.apk
- Size
  
  4.7MB
- MD5
  
  ea549b5bab8401c83462f15718bc9a88
- SHA1
  
  46f06b4b55ed2107c4919206b3a8121fedf1360d
- SHA256
  
  d48716e849c364736f9165938d3cdce59e2375124bfe642fe7bf93ba975ac736
- SHA512
  
  7c5b8da7df01c47dd4413bfa55b4018acf60c8e05a06c995ca08dc1aec9019116efece590340ae3d095d8331050e239024edd1bb7c15def5ffb782d45245d265
Score

10^/10

cerberus banker evasion infostealer obfuscation rat trojan
- Cerberus
  An Android banker that is being rented to actors beginning in 2019.
  banker trojan infostealer evasion rat cerberus
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cerberusbankerevasioninfostealerobfuscationrattrojan

behavioral2

behavioral3

cerberusbankerevasioninfostealerobfuscationrattrojan