Analysis

  • max time kernel
    2320586s
  • max time network
    79s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    16-10-2021 18:15

General

  • Target

    Androidupdate_2.apk

  • Size

    2.8MB

  • MD5

    4ed6bfe741982803744054d497744180

  • SHA1

    9e8feaac343f2e43b1eb0cd0437ca59869164ebf

  • SHA256

    33f9c3fdb345146fc95dbe2bf2ea18d0cf7c1a64620862019c88c99f0f7726ab

  • SHA512

    f446ba7dea2f273fb264c7790d4b2dc3313ffeaf339821a473206cbf70a529bafafd8a6296feb811245bfacf269517cb78ed6d296e6effd01ac52911a4047ff7

Malware Config

Extracted

Family

cerberus

C2

http://20.90.106.208/

Signatures

  • Cerberus

    An Android banking trojan that has been rented out to other actors since 2019.

  • Loads dropped Dex/Jar 4 IoCs

    Loads a Dex/Jar file that was dropped to the device during analysis.

  • Uses reflection 11 IoCs

Processes

  • com.arrow.cousin
    • Loads dropped Dex/Jar
    • Uses reflection
    PID:3670
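The hashes, C2 and behavioural signatures above are the report's indicators; the script below is an added example (not part of the sandbox report or any vendor tooling) that turns them into a local triage check. It verifies a copy of the APK against the four reported digests, matches the C2 host in proxy-style log lines, and looks for the class-loader and reflection descriptors in classes.dex that correspond to the "Loads dropped Dex/Jar" and "Uses reflection" signatures. The APK path, the log lines and the dex marker strings are assumptions for illustration; the presence of those strings is only a hint (many benign apps use reflection), and a packed first stage may contain nothing but the DexClassLoader reference, which is exactly what the dropped-Dex signature describes.

```python
"""Triage helpers built from the IoCs in the Cerberus report above.

Added example, not code from the sandbox or the malware. The APK path,
the sample log lines and the dex marker strings are assumptions.
"""
import hashlib
import re
import sys
import zipfile
from urllib.parse import urlparse

# IoCs copied from the report.
REPORTED_HASHES = {
    "md5": "4ed6bfe741982803744054d497744180",
    "sha1": "9e8feaac343f2e43b1eb0cd0437ca59869164ebf",
    "sha256": "33f9c3fdb345146fc95dbe2bf2ea18d0cf7c1a64620862019c88c99f0f7726ab",
    "sha512": ("f446ba7dea2f273fb264c7790d4b2dc3313ffeaf339821a473206cbf70a529ba"
               "fafd8a6296feb811245bfacf269517cb78ed6d296e6effd01ac52911a4047ff7"),
}
C2_URL = "http://20.90.106.208/"
PACKAGE = "com.arrow.cousin"

# Type descriptors stored in the dex string table that correspond to the
# two behavioural signatures. Assumed markers, not the sandbox's own rules.
DYNAMIC_LOAD_MARKERS = (
    b"Ldalvik/system/DexClassLoader;",
    b"Ldalvik/system/InMemoryDexClassLoader;",
    b"Ldalvik/system/PathClassLoader;",
)
REFLECTION_MARKERS = (
    b"Ljava/lang/reflect/Method;",
    b"Ljava/lang/reflect/Constructor;",
    b"getDeclaredMethod",
)

# Constructed proxy-style log lines for illustration (not from the sandbox).
# The third line carries a different host that shares a suffix with the C2.
SAMPLE_LOG = [
    "2021-10-16T18:16:02Z 10.0.2.16 com.arrow.cousin GET http://20.90.106.208/gate.php 200",
    "2021-10-16T18:16:05Z 10.0.2.16 com.android.vending GET https://play.googleapis.com/ 200",
    "2021-10-16T18:16:09Z 10.0.2.16 com.example.app GET http://120.90.106.208/ 200",
]


def hash_bytes(data: bytes) -> dict:
    """Return the four digests the report lists, as lowercase hex."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORTED_HASHES}


def verify_sample(data: bytes, expected: dict = REPORTED_HASHES) -> dict:
    """Per-algorithm match of a local file's digests against the reported ones."""
    actual = hash_bytes(data)
    return {algo: actual[algo] == expected[algo].lower() for algo in expected}


C2_HOST = urlparse(C2_URL).hostname  # "20.90.106.208"
# Anchor on the whole host so "120.90.106.208" or "20.90.106.2089" do not match.
_C2_RE = re.compile(r"(?<![\d.])" + re.escape(C2_HOST) + r"(?![\d.])")


def c2_hits(log_lines) -> list:
    """Return the log lines that reference the C2 host."""
    return [line for line in log_lines if _C2_RE.search(line)]


def scan_dex(dex: bytes) -> dict:
    """Look for dynamic-loading and reflection descriptors in raw dex bytes."""
    found = [m for m in DYNAMIC_LOAD_MARKERS + REFLECTION_MARKERS if m in dex]
    return {
        "loads_dropped_dex": any(m in dex for m in DYNAMIC_LOAD_MARKERS),
        "uses_reflection": any(m in dex for m in REFLECTION_MARKERS),
        "markers": sorted(m.decode() for m in found),
    }


def scan_apk(path: str) -> dict:
    """Scan every classes*.dex inside an APK (an APK is a zip archive)."""
    with zipfile.ZipFile(path) as apk:
        dex_names = [n for n in apk.namelist() if re.fullmatch(r"classes\d*\.dex", n)]
        merged = b"".join(apk.read(n) for n in dex_names)
    result = scan_dex(merged)
    result["dex_files"] = dex_names
    return result


if __name__ == "__main__":
    # Usage: python triage.py Androidupdate_2.apk  (path is an assumption)
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print("hash match:", verify_sample(fh.read()))
        print("dex scan:", scan_apk(sys.argv[1]))
    print("C2 hits:", c2_hits(SAMPLE_LOG))
```

Run it against the sample to confirm the copy on disk is the one the sandbox analysed before reading anything else into the report; a mismatch on any of the four digests means the report describes a different file.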
