Analysis

  • max time kernel
    2320647s
  • max time network
    78s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    16-10-2021 18:14

General

  • Target

    ALEYNA_TILKI_IFSA_build_obf_4.apk

  • Size

    2.9MB

  • MD5

    62f5db5df34e50de3092e3e15b64de99

  • SHA1

    a7bd3e84616fc6017b8085b777106e1932330a4a

  • SHA256

    a09e1cf2e6514a984917f749815861f8dc3730164fa5ba92c50628ff948d38d9

  • SHA512

    4aa14359c6eaafd1b84195bb02bb64ec255bd21e4a531ddd674f282a82ddd17df4ef667285a08d2b420d1c7c57f87c04d53664eaa217ce5ec23c5bea24b1bdca

Malware Config

Extracted

Family

cerberus

C2

http://161.97.68.93

Signatures

  • Cerberus

    An Android banker that has been rented out to actors since 2019.

  • Loads dropped Dex/Jar (4 IoCs)

    Runs executable file dropped to the device during analysis.

  • Requests disabling of battery optimizations (often used to enable hiding in the background). (1 IoCs)
  • Uses reflection (3 IoCs)

Processes

  • com.any.steak
    • Loads dropped Dex/Jar
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    • Uses reflection
    PID:3711

Network

MITRE ATT&CK Matrix
