cerberus | 0b8c026dd1d8208aedc6cfc92102f8c105f9b54a50e8cf5a15bd1a5ade83f9da

Analysis

max time kernel
1838587s
max time network
80s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
24-09-2022 03:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0b8c026dd1d8208aedc6cfc92102f8c105f9b54a50e8cf5a15bd1a5ade83f9da.apk
Size

3.0MB
MD5

02a7ce8ecf19f04fc3cdd56bf34e7267
SHA1

9c2d21ec470dedd11c38459b68da5d27621dc09d
SHA256

0b8c026dd1d8208aedc6cfc92102f8c105f9b54a50e8cf5a15bd1a5ade83f9da
SHA512

3f01b5d5cc546f552e707a707f43a3dcf228032c9a121a3dee8d6785a28431322819f1dedd34c9350929e85fd668398cb79ab8e479a1b9cd16b85792c643d3e4
SSDEEP

49152:61r+tdKavrnGz8flBlXj3IF4ZwNAQnixwqkv6ZrUx0Wt+3lBeyflT6t3X9cPmlaU:3prGzylHz3PZwNTTv6ZrKw4yfOXiOlaU

Score

10^/10

cerberus banker evasion infostealer rat trojan

Malware Config

Extracted

Family

cerberus

https://lovertruechat.shop

Signatures

Cerberus
An Android banker that is being rented to actors beginning in 2019.
banker trojan infostealer evasion rat cerberus
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.zippilqdi.ucunvfgbj

ioc pid process

/data/user/0/com.zippilqdi.ucunvfgbj/yi8djtsh48/6kk4dIu8Ha6fhfh/base.apk.jIihfus1.fk8 4845 com.zippilqdi.ucunvfgbj

ioc	pid	process
/data/user/0/com.zippilqdi.ucunvfgbj/yi8djtsh48/6kk4dIu8Ha6fhfh/base.apk.jIihfus1.fk8	4845	com.zippilqdi.ucunvfgbj

com.zippilqdi.ucunvfgbj
1⤵
- Loads dropped Dex/Jar
PID:4845

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/.com.google.Chrome.GkYez4
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/Cookies
Filesize
64KB

MD5
9b23e6a88d5a95f155f205cb04b93cd0

SHA1
b62dccbbef087a0731f226b96d15d35d8aa5e5fc

SHA256
f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

SHA512
bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/Cookies-journal
Filesize
1KB

MD5
ce4658aaa466e0856b1fc5fb1c9a6bd3

SHA1
d7b2add4339b161c48dfb57d45b580cd41e7832f

SHA256
47261830197e8840201ba97a6abfb7aef3e2fdc861482f68da01f754140590dd

SHA512
e9bb85aeddc448c71beb0151cff337ce4221650d93701c06b9842675826eec45752f13e9ba910f6776d52aa954b31d269da0cc721d38c82afdf09e3d7f6f6d7b

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/GPUCache/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/GPUCache/index-dir/temp-index
Filesize
96B

MD5
5f3c18677bf890311c02825a5d3f780d

SHA1
08727afef326ca610b788bf860dead9d45609c21

SHA256
05564bb14aa342e335b2fa9d8a98fc2059e334d3d279c827f914cf5844cd2864

SHA512
4cf11dd10a03e413a9f08e9c63e9e48f261fb2a695911039c4cca0e538abc9ca3a99801bedc33dd3ac2c64701f7dd91fb153229c73bd0dfafdc02c92ed416211

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/Web Data
Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/Web Data-journal
Filesize
1KB

MD5
8bf870d94f0d4bb1221a7e4ee08ee862

SHA1
7255543f05598344b7ff4613d222120ffa729ec7

SHA256
e33ffc835df63cd4097d47086fbf47ccf3b388d7f6db15e697ae054c2dd8b527

SHA512
f171259e5af6067abeb47ac7e493d705e16942a529aff4afddfdcabfab87118cd96094a359bcd9277b025a13273db548e6d35a928b9e4f5ec17014b366b12b5f

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/metrics_guid
Filesize
36B

MD5
e54515e50986e2fee8981e224ae128a5

SHA1
41e30b747b66a0fe177df7e56628323fe9ce3199

SHA256
1ddb1283c173f89b561dccf1a902c9bd0c08e764eca7dacadca9af87f8c62576

SHA512
d5ed94a50ff72df85d1b73c47fad5735187df05e6698694b60331ce0fa549a8152867d256eae6a04ae9ad9e5af0445febeda914bd7505053efc4027e37c4ecd2

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/cache/WebView/Crashpad/settings.dat
Filesize
40B

MD5
d4970419391f6acc8b82c51a6c06c1e2

SHA1
c5c788b4acb17dde72b6c27e97ebe7a2730faa3a

SHA256
42fd662a747868f558be17fa356b2bb1845cf520a5a089e4b58fda54e25c197c

SHA512
bfa9db98ee8ee0452380fee597c35593040e60f5759145bd4622dd38bf7ff963e991bc7f78b3784562accf13a7f5acf60e8624433d6762d9de35c504641ed57b

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/cache/org.chromium.android_webview/Code Cache/js/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
Filesize
96B

MD5
e36c08c03f42641a8b03a86cc49ef07b

SHA1
8380df61b409435e2a8d22339eba579740fe049b

SHA256
7964001852ba744baf1b9b40d95c25f54170930134802cf4741ca1c6a26bd9ca

SHA512
0021d3230367380ea7c9ebd4db67fc33b9f60f079b619c0e36c5a6d5e80593522982478e6107e5c4053af72afd3031ce3d375641098da3d988ed73fc9da96846

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/cache/org.chromium.android_webview/e8ecf140b4b68ab6_0
Filesize
66KB

MD5
0d9c4ce9a982fb4edbaf4b821e0883f6

SHA1
1b11119dbcccf989c90a7d185c1ed6d531be7146

SHA256
79c2af65d208dababde2d872f4bd0f079ef5c6e183a78221437d97c44c9e2e35

SHA512
3462c18d355ec0c1e683c4d949d52a7a40e6cb6627e053476a3211aed1a3f3d6de4c2a9c2927b78fb88ab72fb60f29a110f43b2be3a840b4c56c22a48ea5c32a

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/cache/org.chromium.android_webview/index
Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
144B

MD5
c7c95893a51b7ca32e7daad9a0ddf8ea

SHA1
dae725457fea9d93d18d364ac814d7f1475389cc

SHA256
41bb5f85c2f8cd2904490a03bed21b0fb69beaa8e4f06d6ce66f3152d26b2b96

SHA512
ed02b873b304abd1e8413768ca95dff2616772094a4bc52f64fe4717d19188fae60add9c92f8f58d33c4ba2167ecccf7ab25abedc8692158ebc0571d864725d9

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
144B

MD5
07e46ed8382677807418a005a4d0aaad

SHA1
751c5892e2456deb95253886a294a8724d34b7c9

SHA256
be64a83700bd40f3d98ef306364a3fded9c8ff938df5d42af2396641ca593a4b

SHA512
328a6d3b9ab7324f052c1c0903fbdf17aacc5b2110e4bcc361b593ac4008a4a27b7204af212ae85db91d994dacf32f97f7ead2e7fd5298cfa24daf5c286e5653

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/shared_prefs/multidex.version.xml
Filesize
306B

MD5
a697fcb6a08096bf6c6b0a8ce6c3d7d7

SHA1
010a0051204cb7f91b502c089425bddd5aa3ab1a

SHA256
975cabda768a56a652c6f6931f2aff25e320d81d9b9dd0fcc9a6c348ad076ee5

SHA512
b7562dd5acae9face621f72a2b41d2c47292ddc739731a29f951a3e3e8420007c9ba3a1808ba154e7cea4583a3ba57a67135e3ded672e2bc4fc340b3dc345081

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/shared_prefs/settings.xml
Filesize
116B

MD5
d238bcaede8d9fc88b09c0e7fa6248f3

SHA1
7dc3c46230aeff7499e958a777a15ba65d483933

SHA256
44b7e05984b2ff4a389f942dd8e2c6c948abb1edb92ad88d124472fb9ff974c1

SHA512
ef57d436fa7452f4d7a1e737351eed1a74155b8803ab28f838ae6cf134ca6b4be3a47731d024d2ba3c89bb26bdd24b68fb323f5b7d16c36712df42ac093a1a52

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/shared_prefs/settings.xml
Filesize
163B

MD5
95f6cf275d56aef2102b62828f7034c0

SHA1
8117a0e4daf60ee6edf88e6992c764680be59890

SHA256
5dcaced0b68e0ccc444f98aa2e1eb657c177f808be3d65352b1381eb4c778e96

SHA512
6dd12b3f5091eea21604e412748d14e48f77ce03982768cfad754bd581a024b6ccb3e99ed094b4ac27493ac225c99504f6d55b215db2e9e11f1df234d86925fe

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/yi8djtsh48/6kk4dIu8Ha6fhfh/base.apk.jIihfus1.fk8
Filesize
186KB

MD5
1c8fafcd5b0ac1e8f3af0a6565300c22

SHA1
7b8263f5e3ebcac1759ecb249a6825b1a6eb5ed9

SHA256
82916a381c27737fc31cc9ad45c45a65a1be4f689783f9962ce2a11e4f172354

SHA512
0953f3b979e67bdc47bf5b2db56ae18379283208136aeb6f50be42f3fac584ecf2eead5bfb2159446c3802c25f60ffd32b8c88da0c998e91cb4608e03215b79d

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/yi8djtsh48/6kk4dIu8Ha6fhfh/thbfqjf5.qhgj
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.zippilqdi.ucunvfgbj/yi8djtsh48/6kk4dIu8Ha6fhfh/tmp-base.apk.jIihfus2447200419227125779.fk8
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads