General

  • Target

    MOBIL_ODEME.apk

  • Size

    2.3MB

  • Sample

    211115-qcfsvaadc4

  • MD5

    4a6fa9361a96e5e6bf60f9fa35460cc1

  • SHA1

    d362bae37080cdfcc177f763d8426b5538f59bf5

  • SHA256

    a3e15a51c3ed4e2fea3ba38eabc2ef70e20af9e7c1d90476b2c84682172e77d8

  • SHA512

    e5dc990d42c36512a9cb271b0e3b975718194f5c56ae285e1a2d9254e653a8b62a40f7020d3aacda293d75106297e45481d8ac22b742ff5c237593765e7339a2

Malware Config

Extracted

  • Family

    cerberus

  • C2

    https://yokyokdandanyokdandandanand.space/

Targets

    • Target

      MOBIL_ODEME.apk

    • Cerberus

      An Android banker that has been rented to actors since 2019.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about the phone network operator.
