General

  • Target

    9180b00a96b161fc0ad41ab4d8bc0784.apk

  • Size

    1.2MB

  • Sample

    230202-3dlrpscb5s

  • MD5

    9180b00a96b161fc0ad41ab4d8bc0784

  • SHA1

    90ff5ba4ce5b0e3e1b8ae8b061c961f7ed9b989a

  • SHA256

    e31f1b158aeaf407cd7a56f87cf4c2cd13bf048db2d00b62c3da711801435839

  • SHA512

    99834c23322224f91fda0bd9f5f77e47cf5e5cf3f07b09450d420d71bec4114f871dad6f6609f7ca6771fcf6aa48a32fe7a0ff1702f492f2a4ededf0b7bee957

  • SSDEEP

    24576:MytLmk1x3ww9Qw9sbzGyVrNvWFYF1mSchJInH2R/dtLvu/454:ptLma/5uBxvZD12Gn0dtLvu/04

Malware Config

Extracted

Family

cerberus

C2

http://5.161.92.133

Targets

    • Cerberus

      An Android banker that has been rented to actors since 2019.

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Removes a system notification.
