Overview

overview

10

Static

static

6

722ae90056...1f.apk

android-9-x86

10

722ae90056...1f.apk

android-10-x64

10

722ae90056...1f.apk

android-11-x64

10

Analysis

  • max time kernel
    70s
  • max time network
    131s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240221-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240221-enlocale:en-usos:android-11-x64system
  • submitted
    30-04-2024 22:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    722ae9005608e4f7842025b384533943233d1cd39732b36a2dceb787450e331f.apk

  • Size

    1.5MB

  • MD5

    264dc1d035be7dc5282e877722c3c5e1

  • SHA1

    879013c0c29f3e3c2a86a62691cd9bc41a5e045a

  • SHA256

    722ae9005608e4f7842025b384533943233d1cd39732b36a2dceb787450e331f

  • SHA512

    0be854eba90356ec602cbb5bc6ff81c913794636d05490c82714c7200671f1c25572661f0b10e126690cca0bea18a64205addb25994180e5055b1d6c508c3fba

  • SSDEEP

    49152:1gSK89jDVhepFv+g+jVCfhLSo9YMekYH+zOS89:1gS3jUvDgCfhX1zOS+

Score
10/10
cerberusbankercollectioncredential_accessdiscoveryevasionimpactinfostealerratstealthtrojan

Malware Config

Extracted

Family

cerberus

C2

http://149.154.69.61

Signatures

Processes

  • com.frame.situate
    1⤵
    • Makes use of the framework's Accessibility service
    • Removes its main activity from the application launcher
    • Checks CPU information
    • Checks memory information
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Requests disabling of battery optimizations (often used to enable hiding in the background).
    • Listens for changes in the sensor environment (might be used to detect emulation)
    PID:4410

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/user/0/com.frame.situate/app_DynamicOptDex/MqaSuSl.json
    Filesize

    34KB

    MD5

    d7ebcd40bc0e6eccc6ce298970b274ab

    SHA1

    20a6521c7500eddf93c9333e49879dac2e8f107d

    SHA256

    aa47941866950be937e9a24c8f609314fcfb502b561ce899a693e86f22aa8639

    SHA512

    d665f4fd6989ddd819be9b689c365efc017de10c4ee19dd737b6a3522f475b793fde7edea9b28f5c82763a8d3a340bf9b8d102ce686751a59dad52886b7c872d

    Download Submit

  • /data/user/0/com.frame.situate/app_DynamicOptDex/MqaSuSl.json
    Filesize

    34KB

    MD5

    28370cd547b33a7bd7403b148929921f

    SHA1

    e500df0ad9d86c17f08b323e7edcca3fa274ffb4

    SHA256

    d97863b9cf2031f2ad76fcf18ebbf6e3dfea8f9d198d1f218980c2425ad25266

    SHA512

    a60661a9ba783a5a2fd83292241b20d628a05abf2b281da21bff359ab89df5e92b2a6a69195b3bd22302ad17b619e9ca93b99512ca6026dc34e71b157037cb68

    Download Submit

  • /data/user/0/com.frame.situate/app_DynamicOptDex/MqaSuSl.json
    Filesize

    76KB

    MD5

    63923423718da9c71d4d1936dbde75ca

    SHA1

    fb2325e3a253b8313c29fd2271ae2cf5eaed0a27

    SHA256

    ce339dfa992184173b2c967778f2fb0b16bfb972d949b1986b74dcbf61b1b7c1

    SHA512

    cdc187789174600e982ce18b6208e0175d65555f2a77552a2d6d1930243a1cbeae94392671c8fc0132244123e1e7ece22b5d8e7a445d8275e7f5cd3bdbcb3e4d

    Download Submit

  • /data/user/0/com.frame.situate/app_DynamicOptDex/oat/MqaSuSl.json.cur.prof
    Filesize

    151B

    MD5

    2b0f9cf20faffc940ea257c070bf6b23

    SHA1

    bdd91e6bcc68889612df3c8c0834905e1719b88f

    SHA256

    dcc586ebebf0b557731d3ead0fe9a1725a9d8eeea01d4373c0fc2e11b0ae1e26

    SHA512

    eb16093e2ced8cd63bf356012bbedf70610df500dc13e2d99ab4d83f35e9f95a3d8df4234169314c441c1328cf1d620cf70904d51744a15d17cb012537737fd1

    Download Submit