com.example.mmm.replace_1
android.intent.action.SENDTO
android.intent.action.SEND
com.example.mmm.mainActivity
android.intent.action.MAIN
General
-
Target
1831495570c780ad7fb2bc7e1fc6c3ac2cfa4cf3ac0621112473599ce006dd8b.bin
-
Size
1.6MB
-
MD5
6a1d6665665378b51fcb07e4fa9e4faa
-
SHA1
42c5255100f83b51e02237d899d95b4c80f996cd
-
SHA256
1831495570c780ad7fb2bc7e1fc6c3ac2cfa4cf3ac0621112473599ce006dd8b
-
SHA512
56616d59057277167c6aaf512716d0867444b2254f1c70b2bbb1308b2eab227c79167cc7de33a954cc02f90f2d1928caaca47e41c0748fde6c7ce0a17b747deb
-
SSDEEP
49152:u+6VmaCA6WZzwSiMIeInIO1mH7Ng5gjtu:ukaCA6Wef3PnIpNg5gJu
Score
10/10
Malware Config
Extracted
Family
cerberus
Attributes
-
uri
/villaburada.php?action=botcheck&data=
/villaburada.php?action=checkAP&data=
/villaburada.php?action=getModule&data=
/villaburada.php?action=getinj&data=
/villaburada.php?action=injcheck&data=
/villaburada.php?action=registration&data=
/villaburada.php?action=sendInjectLogs&data=
/villaburada.php?action=sendKeylogger&data=
/villaburada.php?action=sendSmsLogs&data=
/villaburada.php?action=timeInject&data=
Signatures
-
Cerberus family
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 6 IoCs
Files
-
1831495570c780ad7fb2bc7e1fc6c3ac2cfa4cf3ac0621112473599ce006dd8b.bin
com.example.mmm
com.example.mmm.mainActivity
Android Permissions
1831495570c780ad7fb2bc7e1fc6c3ac2cfa4cf3ac0621112473599ce006dd8b.bin
Permissions
android.permission.INTERNET
android.permission.CALL_PHONE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.REQUEST_DELETE_PACKAGES
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.WAKE_LOCK