Analysis

  • max time kernel
    2146811s
  • max time network
    38s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    14-10-2021 17:58

General

  • Target

    Android_Guncelleme.apk

  • Size

    2.6MB

  • MD5

    83d8646081701b607e9147a9a0bd90d6

  • SHA1

    1652440c6feadd9a43c90610763ed7a0a4c351b9

  • SHA256

    9ba9ad408a114192254671b24b01af7980f879f3962232389ccc835acb87582a

  • SHA512

    2218d890c725725215af03aafc8906f0481484c58212761a237708e205569d0fb9268615f63ac4b41064c0d85bbb1e488d9fd8c8a49e7b90bee32eb59e72947a

Malware Config

Extracted

Family

cerberus

C2

http://194.163.187.220

Signatures

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 3 IoCs

Processes

  • com.uncover.army
    1⤵
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:3646

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads