Analysis

  • max time kernel
    2153196s
  • max time network
    60s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    14-10-2021 19:45

General

  • Target

    Android_Guncelleme (1).apk

  • Size

    2.7MB

  • MD5

    29005e3560f583a14d22f348dc7e3db1

  • SHA1

    13aeaea9b7601539a170e38a56dd44173454c668

  • SHA256

    392f2c9d5656e68cf9155d07dc83f4fdf7533369545f44bf4c5db7cc4900c99d

  • SHA512

    96bc3aac5e3fa88d2dd59a3270cca8e279752cf8f755149d641480e4f671be4b0b3217448760ec957fda1cd117ab3266e27653b52a926f3c6bc0bd84afad19b9

Malware Config

Extracted

Family

cerberus

C2

http://194.163.187.220

Signatures

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Uses reflection 2 IoCs

Processes

  • com.response.fragile
    1⤵
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:3712

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads