General

  • Target

    Hadise_Ifsa_build_obf.apk

  • Size

    2.1MB

  • Sample

    211209-thd3zscef7

  • MD5

    611ae1ffa617ef003887642342394e03

  • SHA1

    e0e2eb968b9cfa93aaef2f48ed21170d4ebc9b0f

  • SHA256

    337bd9c233fb8a3a7e0eda2d33d2665e08e876e97c3066bf9e627a088cb2c2fd

  • SHA512

    1f4ae3851aff12cd9e04e8018c8bd5b649fd0f68155820db474a0d3db42ce4a278c5c91ce452ce3fc52d5d7ba247cc0643da166a1ac17461a75901268da863d6

Malware Config

Extracted

Family

cerberus

C2

http://51.81.186.22

Targets

    • Target

      Hadise_Ifsa_build_obf.apk

    • Cerberus

      An Android banker that has been rented out to actors since 2019.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Reads information about the phone network operator.
