Overview

overview

10

Static

static

8

Android bu...4).apk

android_x86

10

Android bu...4).apk

android_x64

Android bu...4).apk

android_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Android build_obf(4).apk

  • Size

    2.5MB

  • Sample

    210809-gtdz6xgtra

  • MD5

    972d80cd63c66f3692addce80179d1a8

  • SHA1

    a6d8c8af4176dda74cbb006e7489cd3eca821ff6

  • SHA256

    afd842afb9a7ef5ab0c4bde56a51876123da1f5d9071d4d0c250139cfa614166

  • SHA512

    a9548b984e8fcb46337eeaeb5784ff7d17bc97a5f976a4594f772deeef5a539e781d5f14d59cc409314f95703208ddbdfaedfb2ebc231e62a1a70674458f1ac5

Score
10/10
cerberusandroidbankerevasioninfostealerobfuscationrattrojan

Malware Config

Extracted

Family

cerberus

C2

http://canavardomain.xyz

Targets

    • Target

      Android build_obf(4).apk

    • Size

      2.5MB

    • MD5

      972d80cd63c66f3692addce80179d1a8

    • SHA1

      a6d8c8af4176dda74cbb006e7489cd3eca821ff6

    • SHA256

      afd842afb9a7ef5ab0c4bde56a51876123da1f5d9071d4d0c250139cfa614166

    • SHA512

      a9548b984e8fcb46337eeaeb5784ff7d17bc97a5f976a4594f772deeef5a539e781d5f14d59cc409314f95703208ddbdfaedfb2ebc231e62a1a70674458f1ac5

    Score
    10/10
    cerberusbankerevasioninfostealerobfuscationrattrojan

    • Cerberus

      An Android banker that is being rented to actors beginning in 2019.

      bankertrojaninfostealerevasionratcerberus

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests enabling of the accessibility settings.

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks