Analysis
Max time kernel:   2320630s
Max time network:  151s
Platform:          android_x64
Resource:          android-x64-arm64
Submitted:         16-10-2021 18:14
Static task: static1
General
Target:  Android_Guncelleme_build_flow.apk
Size:    241KB
MD5:     7e5caf6daf51ca0924bdc936a1de5943
SHA1:    ddb11dd2fe8f537526835648410a0d6a61288a61
SHA256:  927720e4e2b6d946b3e228257c4e41c6e9e5ee147ab21ec3ebc94f0f15382828
SHA512:  3df61812a76bf150beff225c71c89e84622c07cf07201817946d44876682ea6205b1c7265ede855fefb4b3fd8be0e2f3d316e481d2185e7cd286d18dc1d00003
Malware Config (extracted)
Family:  cerberus
C2:      https://budgetkiralik.com
Signatures

Checks Android system properties for emulator presence (1 IoC)
  description                    ioc               Process
  Accessed system property key   ro.product.model  com.rljbgtbfx.ojn

Loads dropped Dex/Jar (2 IoCs)
Runs executable file dropped to the device during analysis.
  ioc                                                pid   Process
  /product/app/TrichromeLibrary/TrichromeLibrary.apk 4116  com.rljbgtbfx.ojn
  /product/app/TrichromeLibrary/TrichromeLibrary.apk 4116  com.rljbgtbfx.ojn

Requests disabling of battery optimizations (often used to enable hiding in the background) (1 IoC)
  description    ioc                                                     Process
  Intent action  android.settings.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS  com.rljbgtbfx.ojn