com.example.mmm.replace_1
android.intent.action.SENDTO
android.intent.action.SEND
com.example.mmm.mainActivity
android.intent.action.MAIN
General
-
Target
da0f4ff5b71b73329e9124a28a859a3afe4303e833cf604f01de0503586206be.bin
-
Size
1.5MB
-
MD5
55cf505591582150d44eb3b6f1438b34
-
SHA1
13120e522d0e13595178d53aaf9a527c2ecdb8c6
-
SHA256
da0f4ff5b71b73329e9124a28a859a3afe4303e833cf604f01de0503586206be
-
SHA512
a648b000e2b941d5436af1dccacd05fff0105d1e1b30cf12c4ec04f384ff2e9f3bcbc4b16582ae5c84c3125473612a0b8ae312485dd005b378ddb7c8e8b0bcc7
-
SSDEEP
24576:BRJ2LzEYRixM6fePPbeCxFVyok3pMMZdrQO1MScE/01Cj5lvHhoU2Qn0gwliGw:w/6eLIbZtxSCs1C1lv6U2q0gwl3w
Score
10/10
Malware Config
Extracted
Family
cerberus
Attributes
-
uri
/villaburada.php?action=botcheck&data=
/villaburada.php?action=checkAP&data=
/villaburada.php?action=getModule&data=
/villaburada.php?action=getinj&data=
/villaburada.php?action=injcheck&data=
/villaburada.php?action=registration&data=
/villaburada.php?action=sendInjectLogs&data=
/villaburada.php?action=sendKeylogger&data=
/villaburada.php?action=sendSmsLogs&data=
/villaburada.php?action=timeInject&data=
Signatures
-
Cerberus family
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 6 IoCs
Files
-
da0f4ff5b71b73329e9124a28a859a3afe4303e833cf604f01de0503586206be.bin
com.example.mmm
com.example.mmm.mainActivity
Android Permissions
da0f4ff5b71b73329e9124a28a859a3afe4303e833cf604f01de0503586206be.bin
Permissions
android.permission.INTERNET
android.permission.CALL_PHONE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.REQUEST_DELETE_PACKAGES
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.WAKE_LOCK