Resubmissions

07-12-2021 21:44

211207-1lvcpsgba3 10

07-12-2021 21:37

211207-1ggk2sgag8 7

General

  • Target

    Hadise_Gizli_Cekim_Ifsa.apk

  • Size

    2.3MB

  • Sample

    211207-1lvcpsgba3

  • MD5

    7c53acee0a7410712bcddbd2ef13b689

  • SHA1

    ec9a38bb47024bfcf4d8ac0e51bbeaa7745cd2d3

  • SHA256

    edda95f68c0cdf9f4c13e4e35211b42666c014f2c0831210b59296071139f159

  • SHA512

    8b6abd88ff69776e0f51f6df59ca6a846ef7442a3e293c7c97cdf09027c0f53887f550346b715eeb5992a8c2df89cf887c6ffbfc90ad68f1310e6233de8e68fc

Malware Config

Extracted

Family

cerberus

C2

http://51.81.186.22

Targets

    • Cerberus

      An Android banker that has been rented out to actors since 2019.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.
