cerberus | 6608e4b0c774f3febdd8042f7a5b457ad5bbbcd087f857f9ba2627dd75bdbc86 | Triage

Sharing

General

Target

DEV_PORNO_YERLI_IFSA_VIDEOLARI.apk
Size

3.0MB
Sample

210806-gb8gpzmgrj
MD5

23f26582d9c7a65eba0f94e98fce2504
SHA1

257390855602624a803d70af174144f99d4afefa
SHA256

6608e4b0c774f3febdd8042f7a5b457ad5bbbcd087f857f9ba2627dd75bdbc86
SHA512

8bc3581bd3463bd19cf4f08073c6c4fc7e2e8ec5da6119760293fede24f98f1cc9afc220f62c1905035c2954f521bfc1944c47d5968af49c0e9900dd016dc17f

Score

10^/10

cerberus android banker evasion infostealer obfuscation rat trojan

Malware Config

Extracted

Family

cerberus

C2

http://72.10.160.50

Targets

- Target
  
  DEV_PORNO_YERLI_IFSA_VIDEOLARI.apk
- Size
  
  3.0MB
- MD5
  
  23f26582d9c7a65eba0f94e98fce2504
- SHA1
  
  257390855602624a803d70af174144f99d4afefa
- SHA256
  
  6608e4b0c774f3febdd8042f7a5b457ad5bbbcd087f857f9ba2627dd75bdbc86
- SHA512
  
  8bc3581bd3463bd19cf4f08073c6c4fc7e2e8ec5da6119760293fede24f98f1cc9afc220f62c1905035c2954f521bfc1944c47d5968af49c0e9900dd016dc17f
Score

10^/10

cerberus banker evasion infostealer obfuscation rat trojan
- Cerberus
  An Android banker that is being rented to actors beginning in 2019.
  banker trojan infostealer evasion rat cerberus
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cerberusbankerevasioninfostealerobfuscationrattrojan

behavioral2

behavioral3

cerberusbankerevasioninfostealerobfuscationrattrojan