cerberus | 052a254e055d65c5dbcbfd9d003390e329ff6084cf9e64805d3647139bf64e78 | Triage

Sharing

General

Target

Android build_obf(3).apk
Size

3.0MB
Sample

210807-3bbttq4nss
MD5

28b54d0aa84080bfede889ef89a23c56
SHA1

6286d2156ab191cf91dd712e4ddaae1512e0d38b
SHA256

052a254e055d65c5dbcbfd9d003390e329ff6084cf9e64805d3647139bf64e78
SHA512

b683a7a1142db6c66e135950b6ea414d0ed9da7049ac92a3cbba250deaf380c4d0986dc821810ce34c807ca29ef3c8ea5e055c367fe021c8c9f5592bf05a1853

Score

10^/10

cerberus android banker evasion infostealer obfuscation rat trojan

Malware Config

Extracted

Family

cerberus

C2

http://144.126.147.6

Targets

- Target
  
  Android build_obf(3).apk
- Size
  
  3.0MB
- MD5
  
  28b54d0aa84080bfede889ef89a23c56
- SHA1
  
  6286d2156ab191cf91dd712e4ddaae1512e0d38b
- SHA256
  
  052a254e055d65c5dbcbfd9d003390e329ff6084cf9e64805d3647139bf64e78
- SHA512
  
  b683a7a1142db6c66e135950b6ea414d0ed9da7049ac92a3cbba250deaf380c4d0986dc821810ce34c807ca29ef3c8ea5e055c367fe021c8c9f5592bf05a1853
Score

10^/10

cerberus banker evasion infostealer obfuscation rat trojan
- Cerberus
  An Android banker that is being rented to actors beginning in 2019.
  banker trojan infostealer evasion rat cerberus
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cerberusbankerevasioninfostealerobfuscationrattrojan

behavioral2

behavioral3

cerberusbankerevasioninfostealerobfuscationrattrojan