General

  • Target

    0b8c026dd1d8208aedc6cfc92102f8c105f9b54a50e8cf5a15bd1a5ade83f9da.apk

  • Size

    3.0MB

  • Sample

    220924-d8kepaaeb8

  • MD5

    02a7ce8ecf19f04fc3cdd56bf34e7267

  • SHA1

    9c2d21ec470dedd11c38459b68da5d27621dc09d

  • SHA256

    0b8c026dd1d8208aedc6cfc92102f8c105f9b54a50e8cf5a15bd1a5ade83f9da

  • SHA512

    3f01b5d5cc546f552e707a707f43a3dcf228032c9a121a3dee8d6785a28431322819f1dedd34c9350929e85fd668398cb79ab8e479a1b9cd16b85792c643d3e4

  • SSDEEP

    49152:61r+tdKavrnGz8flBlXj3IF4ZwNAQnixwqkv6ZrUx0Wt+3lBeyflT6t3X9cPmlaU:3prGzylHz3PZwNTTv6ZrKw4yfOXiOlaU

Malware Config

Extracted

Family

cerberus

C2

https://lovertruechat.shop

Targets

    • Target

      0b8c026dd1d8208aedc6cfc92102f8c105f9b54a50e8cf5a15bd1a5ade83f9da.apk

    • Cerberus

      An Android banker that has been rented out to actors since 2019.

    • Makes use of the framework's Accessibility service.

    • Removes its main activity from the application launcher.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Removes a system notification.
