Overview

overview

10

Static

static

7

9180b00a96...84.apk

android-10-x64

10

9180b00a96...84.apk

android-11-x64

10

9180b00a96...84.apk

android-9-x86

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9180b00a96b161fc0ad41ab4d8bc0784.apk

  • Size

    1MB

  • Sample

    230202-3dlrpscb5s

  • MD5

    9180b00a96b161fc0ad41ab4d8bc0784

  • SHA1

    90ff5ba4ce5b0e3e1b8ae8b061c961f7ed9b989a

  • SHA256

    e31f1b158aeaf407cd7a56f87cf4c2cd13bf048db2d00b62c3da711801435839

  • SHA512

    99834c23322224f91fda0bd9f5f77e47cf5e5cf3f07b09450d420d71bec4114f871dad6f6609f7ca6771fcf6aa48a32fe7a0ff1702f492f2a4ededf0b7bee957

  • SSDEEP

    24576:MytLmk1x3ww9Qw9sbzGyVrNvWFYF1mSchJInH2R/dtLvu/454:ptLma/5uBxvZD12Gn0dtLvu/04

Score
10/10
cerberusandroidbankerevasioninfostealerrattrojan

Malware Config

Extracted

Family

cerberus

C2

http://5.161.92.133

Targets

    • Target

      9180b00a96b161fc0ad41ab4d8bc0784.apk

    • Size

      1MB

    • MD5

      9180b00a96b161fc0ad41ab4d8bc0784

    • SHA1

      90ff5ba4ce5b0e3e1b8ae8b061c961f7ed9b989a

    • SHA256

      e31f1b158aeaf407cd7a56f87cf4c2cd13bf048db2d00b62c3da711801435839

    • SHA512

      99834c23322224f91fda0bd9f5f77e47cf5e5cf3f07b09450d420d71bec4114f871dad6f6609f7ca6771fcf6aa48a32fe7a0ff1702f492f2a4ededf0b7bee957

    • SSDEEP

      24576:MytLmk1x3ww9Qw9sbzGyVrNvWFYF1mSchJInH2R/dtLvu/454:ptLma/5uBxvZD12Gn0dtLvu/04

    Score
    10/10
    cerberusbankerevasioninfostealerrattrojan

    • Cerberus

      An Android banker that is being rented to actors beginning in 2019.

      bankertrojaninfostealerevasionratcerberus

    • Makes use of the framework's Accessibility service.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

      evasion

    • Removes a system notification.

      evasion
    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Discovery

            Execution

              Exfiltration

                Impact

                  Initial Access

                    Lateral Movement

                      Persistence

                        Privilege Escalation

                          Tasks