General

  • Target

    Hadise_Ifsa_build_obf.apk

  • Size

    2.2MB

  • Sample

    220106-qz83xabcd9

  • MD5

    376fc34c1eb64a348311156b1f22763e

  • SHA1

    33e23d906a301cb88598bb41a1a53ec843e4291d

  • SHA256

    cac624346b3fcaaaac86fd3872970e8cf89ceaea8d806c7a1772484142bbfe87

  • SHA512

    ff9bfc5641f3476bc499b56495680efa3d51ab7a6bf936d9d8076a931121d6270c689b1897ee9c2a6d03e3020c27626f325be83d777cf1e39a4dc504d0fcdf25

Malware Config

Extracted

Family

cerberus

C2

http://51.81.86.211

Targets

    • Target

      Hadise_Ifsa_build_obf.apk

    • Cerberus

      An Android banker that has been rented to actors since 2019.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about the phone network operator.
