Analysis
max time kernel: 2320586s
max time network: 79s
platform: android_x64
resource: android-x64
submitted: 16-10-2021 18:15
Static task: static1
Behavioral task: behavioral1
Sample: Androidupdate_2.apk
Resource: android-x64
0 signatures
0 seconds
General
Target: Androidupdate_2.apk
Size: 2.8MB
MD5: 4ed6bfe741982803744054d497744180
SHA1: 9e8feaac343f2e43b1eb0cd0437ca59869164ebf
SHA256: 33f9c3fdb345146fc95dbe2bf2ea18d0cf7c1a64620862019c88c99f0f7726ab
SHA512: f446ba7dea2f273fb264c7790d4b2dc3313ffeaf339821a473206cbf70a529bafafd8a6296feb811245bfacf269517cb78ed6d296e6effd01ac52911a4047ff7
Malware Config
Extracted
Family: cerberus
C2: http://20.90.106.208/
Signatures
Loads dropped Dex/Jar 4 IoCs
Runs executable file dropped to the device during analysis.

| ioc | pid | Process |
| --- | --- | --- |
| /data/user/0/com.arrow.cousin/app_DynamicOptDex/glXJrc.json | 3670 | com.arrow.cousin |
| /data/user/0/com.arrow.cousin/app_DynamicOptDex/glXJrc.json | 3670 | com.arrow.cousin |
| /product/app/webview/webview.apk | 3670 | com.arrow.cousin |
| /product/app/webview/webview.apk | 3670 | com.arrow.cousin |

Uses reflection 11 IoCs

| description | pid | Process |
| --- | --- | --- |
| Invokes method android.content.Context.bindServiceAsUser | 3670 | com.arrow.cousin |
| Invokes method android.content.Context.bindServiceAsUser | 3670 | com.arrow.cousin |
| Invokes method android.content.Context.bindServiceAsUser | 3670 | com.arrow.cousin |
| Acesses field javax.security.auth.x500.X500Principal.thisX500Name | 3670 | com.arrow.cousin |
| Acesses field javax.security.auth.x500.X500Principal.thisX500Name | 3670 | com.arrow.cousin |
| Acesses field javax.security.auth.x500.X500Principal.thisX500Name | 3670 | com.arrow.cousin |
| Acesses field javax.security.auth.x500.X500Principal.thisX500Name | 3670 | com.arrow.cousin |
| Acesses field javax.security.auth.x500.X500Principal.thisX500Name | 3670 | com.arrow.cousin |
| Acesses field javax.security.auth.x500.X500Principal.thisX500Name | 3670 | com.arrow.cousin |
| Acesses field javax.security.auth.x500.X500Principal.thisX500Name | 3670 | com.arrow.cousin |
| Acesses field javax.security.auth.x500.X500Principal.thisX500Name | 3670 | com.arrow.cousin |