General

  • Target

    Hadise_Ifsa_build_obf.apk

  • Size

    1.9MB

  • Sample

    220105-qph4qsada7

  • MD5

    94c1d7c4f1074984711614b0cfda456e

  • SHA1

    8d686ab480c21431d861b36f7219ebc9da1380e1

  • SHA256

    8529714de7f726121a5a07c8e9e718828bc3bc198c512139be2ac5183e0bf25e

  • SHA512

    207fbe3b3acf2e9f9b7a3c6cbbf6f5a79f99c0aa73ec82c81964ebb35812402ed7ff920fd92aa533f908d2cde580be75bc85dda53114844c971c36b1899545a5

Malware Config

Extracted

  • Family

    cerberus

  • C2

    http://51.81.86.211

Targets

    • Target

      Hadise_Ifsa_build_obf.apk

    • Cerberus

      An Android banker that has been rented out to actors since 2019.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Reads information about the phone network operator.
