Analysis

  • max time kernel
    2140824s
  • platform
    android_x86
  • resource
    android-x86-arm
  • submitted
    14-10-2021 12:56

General

  • Target
    AndroidUpdate (1).apk
  • Size
    2.9MB
  • MD5
    631170cab53cef6a3cc8a73d35a88ec6
  • SHA1
    a32828458410e5bfef4e18627f72456dd70727f1
  • SHA256
    e75bcc316514dacde0453a0766b46bc7075159ff9ae31e1d955c48fb745bf97f
  • SHA512
    a1a607418b6beae31483aa99a3d118195a7a315b45317dca134089091c792f03dbc1105f2983227a4fe303d4fe6bceec897d6832fb7693cb5c505230e3df14c2

Malware Config

Extracted

  • Family
    cerberus
  • C2
    https://budabelegedude111.xyz

Signatures

  • Cerberus

    An Android banking trojan that has been rented out to threat actors since 2019.

  • Loads dropped Dex/Jar (3 IoCs)

    Runs an executable file dropped onto the device during analysis.

  • Requests disabling of battery optimizations (often used to enable hiding in the background). (1 IoC)
  • Uses reflection (1 IoC)

Processes

  • com.march.treat (PID: 4978)
    • Loads dropped Dex/Jar
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    • Uses reflection
    • com.march.treat (PID: 5003)
    • /system/bin/dex2oat (PID: 5003)
      • Loads dropped Dex/Jar

Network

MITRE ATT&CK Matrix
