Extracted

Extracted

• • Target

    d3ad33fd9a192aea9837033045084cea36ce9c0c812c616d1c405ac37ddbcdd7.bin

  • Size

    3.0MB

  • MD5

    ff71432833755a490d24004a0efa7037

  • SHA1

    a0d746e34ba6e23fba841efd17dd94ede91776fa

  • SHA256

    d3ad33fd9a192aea9837033045084cea36ce9c0c812c616d1c405ac37ddbcdd7

  • SHA512

    0e2684000dd6765ea41372b6f60c8ac5384255400ca7065069c6f54ea22d5cafdd373bbc26c5ca1e36c7ef58ef74baeeed5f0452ace1d5021f64db1a5e903bff

  • SSDEEP

    49152:OlP/nxlDR4awgMTyLYOJM5zuOVtVG2dWByOMykCAGy0Lu7udcqUquOyba/EPk:Ol3xv4IYc01VO2dWgOOCmUupLvVa/EPk

  Score

  10^/10

  cerberusermacbankerevasioninfostealerransomwarerattrojan

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus

  • Ermac

    An Android banking trojan first seen in July 2021.

    bankertrojaninfostealerermac

  • Makes use of the framework's Accessibility service.

  • Acquires the wake lock.

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

  • Reads information about phone network operator.

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion

  • Removes a system notification.

    evasion

  • Uses Crypto APIs (Might try to encrypt user data).

    ransomware
  behavioral1behavioral2behavioral3

• • Target

    ad.html

  • Size

    15KB

  • MD5

    52c368fc009579446f8dc67daf8dca87

  • SHA1

    fc52b078a9a02847efbf85d10f41b961c85fa459

  • SHA256

    9b6cfb0e52c7f7dc99d5f5b7e2a6142fa3ad82d1333f42877eed3d29b0561579

  • SHA512

    c80bcefe98c2eab09d4a831e788cd50563c62333d4c8aa81046df2acc9888c5a87da45546c1ee7d40bc7a9d7148075e3029e09e4b086406f6143a589111d1cb8

  • SSDEEP

    192:xMejgzfCtmdyPfojYA5D5zniVkG4zhxm45IqTbTD5qRSwpcPt6FLYFieRO6shWUh:flqiO5RrD5qBpWt6FAieRahW6X

  Score

  1^/10
  behavioral4behavioral5

• • Target

    disney.js

  • Size

    760B

  • MD5

    346fe77d9a51f331cd93acc1ef9843bd

  • SHA1

    4cefefd57784913b69afa34bf37fe29a0c25a9be

  • SHA256

    45799f8e9bc3ab2bf400fabb6a5a7b3368a54a27cf052120ecf6298596b0e8b4

  • SHA512

    56d7ef66bf674601ed643c4372d132952bd24749b4b77cd1420716a3d533996d3473906e7d6311dcd0ff67b6f4f10d4bdb5e4187408c10d079c6b123360b0e74

  Score

  1^/10
  behavioral6behavioral7

• • Target

    googlephoto.js

  • Size

    2KB

  • MD5

    7b1a437a30d1e6cc57005f68ff3ebc6e

  • SHA1

    ee034f7775b557972a234bd5ac522d42f8188429

  • SHA256

    a2c555744ba3fb6a86b49bb2e98be947ace5ce5d68603143ae9c8c4ee44255c6

  • SHA512

    6774005e468dd5a0b14fc7709cfa9e5bfa587cdad91cac76c0ac0ec8e738a953d191190467182a8a6c9e7a0a4bb434fd3d9aa29c6edef550db8f287d5d181545

  Score

  1^/10
  behavioral8behavioral9

• • Target

    hbomax.js

  • Size

    1KB

  • MD5

    5a7f8c48870b6b1f033f1464756399ed

  • SHA1

    4b69e972b0c21bb615f74bcbb1a79ad938548f80

  • SHA256

    d44b83d8b55901d041d5b438319ad6817dbfb4bc59232d4ee41fad25387c2e51

  • SHA512

    7b7dccdf4b053359ffe4a607656e74f6988e3ace0a6b503900648f28a8f99554de98ab2d3e6e43b6924ae28a4ee9fdb95e20112a0dda0a94460df4d3cd1d19f9

  Score

  1^/10
  behavioral10behavioral11

• • Target

    netflix.js

  • Size

    1KB

  • MD5

    21f91fb6ac6db27c61047a45684d2014

  • SHA1

    03f45f0e105b4ee34b01582febd9ac7a80ff6c0a

  • SHA256

    96f10444326072599dc9b9b39016f1ac9fff34c0ea634ee224e2f174f6ee16bd

  • SHA512

    42ec0007956cffd4c5b0940bf8a57461a16240c31c0bde40a8b31cf235f2915128ea16b7857dd0f23f7da3dbbeb74b7248a6bb8eab443fb9f8149d5b1aab74b6

  Score

  1^/10
  behavioral12behavioral13

• • Target

    web.js

  • Size

    2KB

  • MD5

    b0584ad09a09780c641d943128f90d62

  • SHA1

    8471ef931be7d60cdf507880a90e64512dc04f75

  • SHA256

    78ac7e1e8a2de2e045ff0c6a2dc4342fda032542aaa3e6ba15d331def47c106a

  • SHA512

    ca97250f69962416fa05f0097fe2877bf938fd3935f273669ae0f7eb93bfa50a63bece50173e02fa52467521d8fe586eb4bfdee3ae1b1d35b91d72ca628ddf0b

  Score

  1^/10
  behavioral14behavioral15