cerberus | a0d7338580712cf36a6bac56904a322e8a1e45ca4fa323113c4aa11c6d6470ab | Triage

Sharing

General

Target

YERLİ_UCRETSİZ_GİZLİ_ÇEKİM_PORNO_VİDEOLAR.apk
Size

3.0MB
Sample

210807-414z5wcp82
MD5

26de3df804ab8b032feeb949e600f792
SHA1

8d58435a050ccf21ce83f74bfc8ee71bafabe8b0
SHA256

a0d7338580712cf36a6bac56904a322e8a1e45ca4fa323113c4aa11c6d6470ab
SHA512

671fef377e73ac5b4594869aa159a0f08e87e1211e4b66ba13698a0edea885530d5797a2f680aed2ad8417bd0e9b76f626020ea9a0ff6ce7ac3e54b0569a28e8

Score

10^/10

cerberus android banker evasion infostealer obfuscation rat trojan

Malware Config

Extracted

Family

cerberus

C2

http://194.163.159.65

Targets

- Target
  
  YERLİ_UCRETSİZ_GİZLİ_ÇEKİM_PORNO_VİDEOLAR.apk
- Size
  
  3.0MB
- MD5
  
  26de3df804ab8b032feeb949e600f792
- SHA1
  
  8d58435a050ccf21ce83f74bfc8ee71bafabe8b0
- SHA256
  
  a0d7338580712cf36a6bac56904a322e8a1e45ca4fa323113c4aa11c6d6470ab
- SHA512
  
  671fef377e73ac5b4594869aa159a0f08e87e1211e4b66ba13698a0edea885530d5797a2f680aed2ad8417bd0e9b76f626020ea9a0ff6ce7ac3e54b0569a28e8
Score

10^/10

cerberus banker evasion infostealer obfuscation rat trojan
- Cerberus
  An Android banker that is being rented to actors beginning in 2019.
  banker trojan infostealer evasion rat cerberus
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cerberusbankerevasioninfostealerobfuscationrattrojan

behavioral2

behavioral3

cerberusbankerevasioninfostealerobfuscationrattrojan