Analysis

  • max time kernel
    343085s
  • max time network
    92s
  • platform
    android_x64
  • resource
    android-x64-20220823-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20220823-en, locale:en-us, os:android-10-x64, system
  • submitted
    02-02-2023 23:23

General

  • Target

    9180b00a96b161fc0ad41ab4d8bc0784.apk

  • Size

    1.2MB

  • MD5

    9180b00a96b161fc0ad41ab4d8bc0784

  • SHA1

    90ff5ba4ce5b0e3e1b8ae8b061c961f7ed9b989a

  • SHA256

    e31f1b158aeaf407cd7a56f87cf4c2cd13bf048db2d00b62c3da711801435839

  • SHA512

    99834c23322224f91fda0bd9f5f77e47cf5e5cf3f07b09450d420d71bec4114f871dad6f6609f7ca6771fcf6aa48a32fe7a0ff1702f492f2a4ededf0b7bee957

  • SSDEEP

    24576:MytLmk1x3ww9Qw9sbzGyVrNvWFYF1mSchJInH2R/dtLvu/454:ptLma/5uBxvZD12Gn0dtLvu/04

Malware Config

Extracted

Family

cerberus

C2

http://5.161.92.133

Signatures

  • Cerberus

    An Android banking trojan that has been rented out to threat actors since 2019.

  • Loads dropped Dex/Jar (5 IoCs)

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

Processes

  • com.youth.dog
    • Loads dropped Dex/Jar
    PID:4718

Downloads

  • /data/data/com.youth.dog/app_apk/system.apk
    Filesize

    316KB


  • /data/user/0/com.youth.dog/app_DynamicOptDex/di.json
    Filesize

    64KB


  • /data/user/0/com.youth.dog/app_DynamicOptDex/di.json
    Filesize

    124KB


  • /data/user/0/com.youth.dog/app_DynamicOptDex/oat/di.json.cur.prof

  • /data/user/0/com.youth.dog/app_apk/system.apk
    Filesize

    346KB


  • /data/user/0/com.youth.dog/app_webview/.com.google.Chrome.PTv5Yc

  • /data/user/0/com.youth.dog/app_webview/GPUCache/index
    Filesize

    48B


  • /data/user/0/com.youth.dog/app_webview/GPUCache/index-dir/temp-index
    Filesize

    96B


  • /data/user/0/com.youth.dog/app_webview/Web Data
    Filesize

    112KB


  • /data/user/0/com.youth.dog/app_webview/Web Data-journal
    Filesize

    1KB


  • /data/user/0/com.youth.dog/app_webview/metrics_guid

  • /data/user/0/com.youth.dog/app_webview/metrics_guid
    Filesize

    36B


  • /data/user/0/com.youth.dog/app_webview/variations_seed_new

  • /data/user/0/com.youth.dog/app_webview/variations_stamp

  • /data/user/0/com.youth.dog/app_webview/webview_data.lock

  • /data/user/0/com.youth.dog/cache/WebView/Crashpad/settings.dat
    Filesize

    40B


  • /data/user/0/com.youth.dog/cache/org.chromium.android_webview/Code Cache/js/index
    Filesize

    48B


  • /data/user/0/com.youth.dog/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index
    Filesize

    96B


  • /data/user/0/com.youth.dog/shared_prefs/WebViewChromiumPrefs.xml
    Filesize

    127B


  • /data/user/0/com.youth.dog/shared_prefs/settings.xml
    Filesize

    116B


  • /data/user/0/com.youth.dog/shared_prefs/settings.xml
    Filesize

    163B
