Analysis

  • max time kernel
    2067490s
  • max time network
    49s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    13-10-2021 19:56

General

  • Target

    Androidupdate.apk

  • Size

    2.6MB

  • MD5

    e62736efcf51548162c75b2afb915345

  • SHA1

    323ba25956e9cf83e790024c2cc60ff5a39a6b46

  • SHA256

    418b67fe185da6593d47174dd5b9e02eef840cbcff2696800b6c5bd7d3474bc0

  • SHA512

    d97948aee3a6ed967e140d997959436e0944edb77ed598d1887cc2e6da1c0a563be57b671084f340e3ee79c839579ebd2d979b009242a4b2723880e3ae2e7ca5

Malware Config

Extracted

Family

cerberus

C2

http://20.90.106.208/

Signatures

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 11 IoCs

Processes

  • com.turn.shoot
    1⤵
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:3721

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads