Overview

overview

10

Static

static

7

199c27a457...5d.apk

android_x86

10

199c27a457...5d.apk

android_x64

10

199c27a457...5d.apk

android_x64

Analysis

  • max time kernel
    3871196s
  • max time network
    150s
  • platform
    android_x64
  • resource
    android-x64-20220310-en
  • submitted
    21-05-2022 12:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    199c27a457117334eab655b3811d24eb77f121562518f0bdf06edb676ed5845d.apk

  • Size

    1.5MB

  • MD5

    9f0a014aaf851875c4e77f5dd980c68c

  • SHA1

    7f2d4e6e9666d9d18c270c983b3b885e02715e52

  • SHA256

    199c27a457117334eab655b3811d24eb77f121562518f0bdf06edb676ed5845d

  • SHA512

    e3225e0002a1cecb05bccc7788e950bd62d290ca73197366078442287461e65d81eee92ba891b1bf886af605c74125bbb0ce09d51830738cab02b19efa095829

Score
10/10
cerberusbankerevasioninfostealerrattrojan

Malware Config

Extracted

Family

cerberus

C2

http://android244.ru

Signatures

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg
    1⤵
    • Loads dropped Dex/Jar
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:6294

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
    Filesize

    686KB

    MD5

    2f5fc6ddafdcd012b0e3deb1b6552a6a

    SHA1

    2cc8ee856285f6b1ae29661cb5fe46a60fa29031

    SHA256

    2e10bcce53c317b583aae5487af533653594a8b2f48d307d9d15707ca9126bc4

    SHA512

    f5d939a13a260f6435b7dd477e1d905128c3d2c190764220da711ff156a40b2cea5f8f40f487b1c9cff72cd32ca810a88c9c448f17355547eeab21cab6ce01a8

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
    Filesize

    686KB

    MD5

    30b8aa196b163d171da28d127e55b297

    SHA1

    07e1ddb3da6501cffafebce8ce3cd2b89638aade

    SHA256

    119111aac71159e433c238174272f9a47882566f856fe6e8378d106061dadf90

    SHA512

    9a5b8275df616e3aff785126d7df5962bddb1ce3d6485c671d70b4530e97ab05abdb3e7249a96f7dd30a1d38365e69c4bd7825828377a6091f15b1ed4413ef51

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/XPt.json
    Filesize

    686KB

    MD5

    30b8aa196b163d171da28d127e55b297

    SHA1

    07e1ddb3da6501cffafebce8ce3cd2b89638aade

    SHA256

    119111aac71159e433c238174272f9a47882566f856fe6e8378d106061dadf90

    SHA512

    9a5b8275df616e3aff785126d7df5962bddb1ce3d6485c671d70b4530e97ab05abdb3e7249a96f7dd30a1d38365e69c4bd7825828377a6091f15b1ed4413ef51

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_DynamicOptDex/oat/XPt.json.cur.prof
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/.com.google.Chrome.Ki1atf
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/GPUCache/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/GPUCache/index-dir/temp-index
    Filesize

    96B

    MD5

    a0d30132a99d5644f283496550ae6c1d

    SHA1

    a78f771e986f7cb93a7c162e2af2b1786e157b22

    SHA256

    dba3545fa4886f2bc7c5c9bc673dc1231f7d12f0c9db68ff7eef1c7047315acc

    SHA512

    d851d62b8ccb098a1765eef5e45dbde49d2c4b9e43310108d2df3697a41163c93737e8128a2c4e19d04c9c5bd28c17e108b3cb7a8bc85bf2fbe86c4c5f8c90cb

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/Web Data
    Filesize

    112KB

    MD5

    b663831f8cc130493476d94f2d7a5330

    SHA1

    043a1956ab8e40821d67043f8a9110a8eb36fb93

    SHA256

    c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

    SHA512

    e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/Web Data-journal
    Filesize

    1KB

    MD5

    042e129d99ac5902f26d54e62f9735c0

    SHA1

    45f83e1720273397c53f994ff3a3793b8f1f3660

    SHA256

    b702a9a49e788b0a419a115806591d149eaaf364d5f412a4c24e009144bd0e53

    SHA512

    80b6512e970c06a934221de8d2f8d19f60e1bb7a603ed7b3192dd0ae83ab4f5b4f67ad1b705e85b3cea0de8b23e21481262899395d39e4b52e8c4deba461be00

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/metrics_guid
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/metrics_guid
    Filesize

    36B

    MD5

    e6141ea8486c733e0b160143385e5e2e

    SHA1

    f3feed7b1bbf15e5a62ce0bf01111b16380ffef3

    SHA256

    1a167171af45957ca98410a73a62cab7765fe400833fa78e4ff3d3e6a2eec378

    SHA512

    8372ed1796c85f6a702101c9bc4b0aae074e63082d155e7e99f67f77265ce2b23b612915649a5abd20d051eec372aa3e07f08e346e133817d26d553ad9c9d12b

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/variations_seed_new
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/variations_stamp
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/app_webview/webview_data.lock
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/cache/WebView/Crashpad/settings.dat
    Filesize

    40B

    MD5

    035bc969546201aeecd79ca828f2e77f

    SHA1

    ba6c3d1629a5306619f0247f0924c339244a81fc

    SHA256

    853b6cfc63ea2718dd8da5fb8a796d38f4b6c37e4c88579387a8f8579c488312

    SHA512

    274a4fe89dee8753b0e20543894bdca9cb8074a123649137ab3b160d12656b478e96df8aaebc7034684af7ddf6bfe98a38a605d9924c7b3794adc9a9f758cbfd

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/cache/org.chromium.android_webview/Code Cache/js/index
    Filesize

    48B

    MD5

    6d7d499960179766cd4261d12dacc411

    SHA1

    e6f8553b0015e12b23cc551afe98763f3b1c9bed

    SHA256

    c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

    SHA512

    6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
    Filesize

    96B

    MD5

    99f9dbce9217fca4293726ea9d766208

    SHA1

    f1868f37716eb0480b6d71de0515e8f62c72c389

    SHA256

    d0bf966865b5c576e6ec9c0b8440a3eceaa81ce2a9a63c86a02706a4bf8c0ca7

    SHA512

    e79551b0bdc509da9f989fd3ed17f62eba9345231595610ce1dfbadbe877943984dee141d8f8b4eb7d3dbc84b4887b7c7f10f9dfeec92be934bc65c030795e7e

    Download Submit
  • /data/user/0/atbbpuadhw.xzgezlzootfkiaxahdpwu.bkg/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B

    MD5

    6ef709b8536878951e87c29a1518fc2b

    SHA1

    24376c70b00152501b3d98df61fa7db435339172

    SHA256

    10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

    SHA512

    96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

    Download Submit