cerberus | 69f6bdb40ce7b3128bb54dbc20ffecdc75825761e273caf49fe1be595938b177 | Triage

Sharing

General

Target

Android Guncelleme.apk
Size

4.7MB
Sample

210805-py8fampq8a
MD5

dad807bc8b5ed69ecd715d48ef8a868c
SHA1

899d61cc4b210bf37fd123107444b956ca1881e7
SHA256

69f6bdb40ce7b3128bb54dbc20ffecdc75825761e273caf49fe1be595938b177
SHA512

c88ac37745c5cd69a309a7983e2c695bea8a8a08f0d70ea3ccf59e9627559eb9d25f57f244c845763345f0ee90624cd425c1d600ccd7a6c637d1839b23422ed3

Score

10^/10

cerberus android banker evasion infostealer obfuscation rat trojan

Malware Config

Extracted

Family

cerberus

C2

http://107.172.197.121/

Targets

- Target
  
  Android Guncelleme.apk
- Size
  
  4.7MB
- MD5
  
  dad807bc8b5ed69ecd715d48ef8a868c
- SHA1
  
  899d61cc4b210bf37fd123107444b956ca1881e7
- SHA256
  
  69f6bdb40ce7b3128bb54dbc20ffecdc75825761e273caf49fe1be595938b177
- SHA512
  
  c88ac37745c5cd69a309a7983e2c695bea8a8a08f0d70ea3ccf59e9627559eb9d25f57f244c845763345f0ee90624cd425c1d600ccd7a6c637d1839b23422ed3
Score

10^/10

cerberus banker evasion infostealer obfuscation rat trojan
- Cerberus
  An Android banker that is being rented to actors beginning in 2019.
  banker trojan infostealer evasion rat cerberus
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cerberusbankerevasioninfostealerobfuscationrattrojan

behavioral2

cerberusbankerevasioninfostealerrattrojan

behavioral3

cerberusbankerevasioninfostealerobfuscationrattrojan