General

  • Target

    TURK-IFSA-VIDEOLARI.apk

  • Size

    2.6MB

  • Sample

    211108-rqbxgscca7

  • MD5

    b6a381661fa9c153c621067db0aac363

  • SHA1

    6d682d8a7f30eae469851ddbd980821f31f68e8e

  • SHA256

    726a8fb2a81739d802d5718585829a616362677fe6a9face2718332aeac24ce0

  • SHA512

    be6b8598c2226478da87548b0e5ab843c34e9750612fdf7007013b5b131274778a3d193e5e20a07fad5aeefdfed2408caef7c8292aca52ab32fec31aaec69414

Malware Config

Extracted

Family

cerberus

C2

https://nobodyswonderland.xyz

Targets

    • Target

      TURK-IFSA-VIDEOLARI.apk

    • Cerberus

      An Android banker that has been rented to actors since 2019.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Reads information about the phone network operator.
