General

  • Target

    Hadise_Gizli_Cekim_Ifsa.apk

  • Size

    2.2MB

  • Sample

    211221-jnn52adcdq

  • MD5

    1524ee83ba865308a6597412d3f89dfe

  • SHA1

    ec9a478343bc6a110b0e83f883880ce6b41d6d07

  • SHA256

    dfc9a4a608f5dcc79199d5823d6f6cf645dc4ba25d925967a916890825c98399

  • SHA512

    88a694bc9c33ac2a67be5987c585e401960e224798f4cf9efb40b398f7f03421a2e8c5b0f496657b7adea550f51be7e49cdeafce02778ff8784f16617709a48c

Malware Config

Extracted

  • Family

    cerberus

  • C2

    http://b4kingsystem.co.vu

Targets

    • Target

      Hadise_Gizli_Cekim_Ifsa.apk

    • Cerberus

      An Android banker that has been rented out to actors since 2019.

    • suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.
