cerberus | 92d7d0bba57924be20718710f070f56d133a0ff5fdfdf20c23f099b908b1f34c

Analysis

max time kernel
2771260s
max time network
76s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
23-11-2022 15:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PlayStore.apk
Size

172KB
MD5

a16a55154e6f256ffbe1c3722ce961f4
SHA1

24b916d1c5f6fb9c454219643202cdf1c69fa4f2
SHA256

92d7d0bba57924be20718710f070f56d133a0ff5fdfdf20c23f099b908b1f34c
SHA512

6d394e1f3e9a82ade2bc5ae977eb3f15df3f501ee5e9d2760cdf936ab2e854763186635b47e6657a3d2eecfb46faa510c7f9a0c859c4b2034bdf2905205efcbb
SSDEEP

3072:yGPdU4khznxZWM+DQ8If7iWp3WpvTZKmTZKHa4EkF5a4EkFhFdNNiQahfbOFdNNf:yDlnxZWM+DQppGpgFH1Ee1Ezxvx80A

Score

10^/10

cerberus banker evasion infostealer rat trojan

Malware Config

Extracted

Family

cerberus

http://65.21.108.94/

Signatures

Cerberus
An Android banker that is being rented to actors beginning in 2019.
banker trojan infostealer evasion rat cerberus
Loads dropped Dex/Jar 1 IoCs
Runs executable file dropped to the device during analysis.

Processes:

com.kigdssguiio.jqhowrudhqqk

ioc pid process

/data/data/com.kigdssguiio.jqhowrudhqqk/app_apk/system.apk 4736 com.kigdssguiio.jqhowrudhqqk
Reads information about phone network operator.

ioc	pid	process
/data/data/com.kigdssguiio.jqhowrudhqqk/app_apk/system.apk	4736	com.kigdssguiio.jqhowrudhqqk

com.kigdssguiio.jqhowrudhqqk
1⤵
- Loads dropped Dex/Jar
PID:4736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.kigdssguiio.jqhowrudhqqk/app_apk/system.apk

Filesize
316KB

MD5
69b3ca57adef18f47b71ce651769abf4

SHA1
7204f2b55b577cadc557a4074c29831e313662d6

SHA256
26533562f7e9db5feafc571f9cea03cc80fcd2917ebb0744de30fb8dec12141b

SHA512
22713beed0583876a801eeef1e13a5677025567866e898fedb8201befdab3a4d88de759a410bcb00f7ba8261a10cce977328d536436989b051df6495998a31f1

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_apk/system.apk

Filesize
346KB

MD5
0f0b849a407e63fbfd6ab212b89b0177

SHA1
a9c859da13fbf6add0f3a3ccf6a2d46ced8695d3

SHA256
8941c02d6dd5bc5cbff919c93a3642498e07991e6b8cd3205df9950c764dda95

SHA512
8ab86843acf4a685211ab3ba8079cc5b8b4f2ab2127096a8c3afe34c99358faee967cb68fd3b8c69cb09a76f2302396bb0c6ab5fba7e81ced500061ff239b99b

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/.com.google.Chrome.1fkztw

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/Cookies

Filesize
64KB

MD5
9b23e6a88d5a95f155f205cb04b93cd0

SHA1
b62dccbbef087a0731f226b96d15d35d8aa5e5fc

SHA256
f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

SHA512
bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/Cookies-journal

Filesize
1KB

MD5
2e5e888f1ac5c86e6766ff160facc0a8

SHA1
946bd4ba091731bfd0f654a0968b538c40c6374e

SHA256
41dfa1d893f500dd7f3719a180fcca39c2ec413b93949fa7a94967ac1f5ee559

SHA512
8894d6ce23f397007d53bda49adb9e551cb560dcee840a390b43b967148604c6589e5e4070a34903e8f4247a33aa6a6dcb4d5a827c14d883a2040d76bfc149d2

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/GPUCache/index-dir/temp-index

Filesize
96B

MD5
617bc6bc1ea1defc6e4ec85931cddc1f

SHA1
e709cc5cf7677e0fa8b98bc5a6ef1fad3393cc69

SHA256
c2e65f9b47a0a4f0d9a65aaa5b19954c65214b3dc8fb672adf9cd981d3f0fad4

SHA512
b432ba1b10a0ce41cb2536c345df95f1ee8ee9ba0f916fef20d6403ab23fe12b1c6cc233e96ee5c4ad22e8aac2eba005e69df7145283d943fcea2509e544385d

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/Web Data

Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/Web Data-journal

Filesize
1KB

MD5
6e7336969e4ada9fdb2ee684c0ae1155

SHA1
85fc2abf056ee3a942ebf5bf3f686630cd1da801

SHA256
07fa08ada4803acc9f9c2f6c1e851e6db4c13176a81427258e39263c75f66f09

SHA512
7f737a60858e820292bb0985f93a3cf16c1a4d2f23c73f400af90f2149ebdae6929ac676d7f784408422a3aaa8f76fa823d963c0212be50bd11da4c94d4befc1

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/metrics_guid

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/metrics_guid

Filesize
36B

MD5
88867569eede8babbcea190a11059346

SHA1
58f71180dae38e892707cb64803ce271c1c0af72

SHA256
94778e01cb6da89b44e48c54a899ee6a4dfdd4387e64bf44dcaef3d083f72264

SHA512
b79e36ebac6a47102fe2dc72e4a123a25f4e81542cc70fa0152555dded7b06d50118a48890be8eb46b4956c9ac2afcbd458364cb06cff1a6f580e91f675c65ba

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/variations_seed_new

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/variations_stamp

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/app_webview/webview_data.lock

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
df8b21980939125fd1b85a43e87be3be

SHA1
0de094f383ea252577e49730559f2a95254d970b

SHA256
d973bd6ebcedc2e5716e3545f9ef226ec95bb54a9d7c10d68dc70fc1f5e39c39

SHA512
521e37048d3ab358612381ef7638d86541cb744a2c1965efcdbf2bfef0cebc6bb0e11d3c97185c6b7ecc34c7ca2da7eacdab78d877fb87773839e7be867fd35e

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/cache/org.chromium.android_webview/08a676c78d1b5fe8_0

Filesize
29KB

MD5
10bf5183f71a1d02138fbe49589df202

SHA1
83c0326d7ed9d1f0acfb7960e90eb4fee132f78a

SHA256
d6ff5da615d2248d1fc8ff4ad3a5c9a0389f63777a8988a5bdbeb91e5be3dbbc

SHA512
9d4fde716f754da904b1b04139d9c729b42151be231d10922c25036d4696e1b514228a080f8eefa0a6575932ac3052b54f60bc136af4773b006f9d778db7af28

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/cache/org.chromium.android_webview/180574ed5181a14b_0

Filesize
38KB

MD5
c6f23cf0371f1ebdb3552df4ba04d10b

SHA1
8cf759639b9960e9ab1f61c818523452d4ea2fb5

SHA256
6cc16709f3972e8e571ec1b04cd2714089d7c1ea4f30a35e74c8645a742a32ec

SHA512
8c988f8be9355bbe003665318153728d12bf99abc4ad90d6c2d9ad13afd281542bf3c2cbac811a459ff2ccc87d1276aab4da74c6de781e284f4b11515c486e01

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/cache/org.chromium.android_webview/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
8f8af01654899c12ae45b9c52496330a

SHA1
bcd79ee6bb1e15e1d507036064a8fefc7dddcee0

SHA256
9e304d8aba759b218a152fd788f93c3f0bcdbd15c930d0e9daa3fe189ac106a8

SHA512
a35d0361ecd99078a3027b83ab9d94ff0371f609a760cfcb12f822d87e1fdcc7682f05b954cde34ecd445e4b2e1e208e66121317d186fb5a7c3368fd11e973b0

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/cache/org.chromium.android_webview/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/cache/org.chromium.android_webview/index-dir/temp-index

Filesize
144B

MD5
fcb55c6a30aebf4ab65ceec4274bcb9f

SHA1
fe5c5d2ec0a309f77bc52eab5d665a9ad1ad61c1

SHA256
f7992cccff94e30d63b4c46fe98db4065c9273ca4f7b2a80565e4c114fb77fe6

SHA512
bf446155eab3e293b692dc7342345d560a612aa3220dd4ed81a10e83ade7ee723d2b22407283c0321a7e2b1dc9a2c841e26241df462110beab98dba7751c4fd2

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/cache/org.chromium.android_webview/index-dir/temp-index

Filesize
192B

MD5
35f241b9abc11e06cd61937975774e97

SHA1
3e535e05a72d9d251419caaffdd14135cd40f864

SHA256
bf3f38e34f8cd55fc52cbf81daba3d692f55c928a7763a6e0f9128cfb5365197

SHA512
f8ccd3c5891db4e64e1a7bef701e23e64268d51f047fcb4edb0ca182b18d22690486e3885911e9ad50d61c924791fa5762851dcebad0befe134ac3343f43a987

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/shared_prefs/settings.xml

Filesize
116B

MD5
d238bcaede8d9fc88b09c0e7fa6248f3

SHA1
7dc3c46230aeff7499e958a777a15ba65d483933

SHA256
44b7e05984b2ff4a389f942dd8e2c6c948abb1edb92ad88d124472fb9ff974c1

SHA512
ef57d436fa7452f4d7a1e737351eed1a74155b8803ab28f838ae6cf134ca6b4be3a47731d024d2ba3c89bb26bdd24b68fb323f5b7d16c36712df42ac093a1a52

Download Submit
/data/user/0/com.kigdssguiio.jqhowrudhqqk/shared_prefs/settings.xml

Filesize
163B

MD5
95f6cf275d56aef2102b62828f7034c0

SHA1
8117a0e4daf60ee6edf88e6992c764680be59890

SHA256
5dcaced0b68e0ccc444f98aa2e1eb657c177f808be3d65352b1381eb4c778e96

SHA512
6dd12b3f5091eea21604e412748d14e48f77ce03982768cfad754bd581a024b6ccb3e99ed094b4ac27493ac225c99504f6d55b215db2e9e11f1df234d86925fe

Download Submit

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads