General

  • Target: PLAY_STORE4.APK.apk
  • Size: 2.0MB
  • Sample: 221125-v3tvlscf22
  • MD5: 8975014dc9ed1eaeaae059a4eb867b65
  • SHA1: e6d88ce42080567d36f14eac475bf19fffa2da11
  • SHA256: c13d23b6ce53010ebb9167d933ad02c1b01d97225706198a05b6bcc045b37f69
  • SHA512: 12251e533827146fbffb1173bedae799d81a71a6759477d16d76fa279008c320c7a987cb6cb36b4d49a9dd7f4c5df624f67c17ca7703189b63a3c73bf43d9970
  • SSDEEP: 49152:u77BVdSJN8cmH3oaIvwy6ZZjORxse4nviujng53+mmaIHYCC:u77BVdJc+DZwvszbjnUO8

Malware Config

Extracted

  • Family: cerberus
  • C2: http://78.47.205.9

Targets

    • Target: PLAY_STORE4.APK.apk

    • Cerberus: An Android banker that has been rented to actors beginning in 2019.
    • Makes use of the framework's Accessibility service.
    • Loads dropped Dex/Jar: Runs an executable file dropped to the device during analysis.
    • Reads information about the phone network operator.
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    • Removes a system notification.
