com.example.mmm.replace_1
android.intent.action.SENDTO
android.intent.action.SEND
com.example.mmm.mainActivity
android.intent.action.MAIN
General
-
Target
81ce38f5987359e64ddb84f7ac3356fd5160f4f2c9000563393f141516341255.bin
-
Size
1.6MB
-
MD5
0b2880cb11b9be304346fe6513de585f
-
SHA1
a315dec708b66a69ece082b3db3bfdce43ec721e
-
SHA256
81ce38f5987359e64ddb84f7ac3356fd5160f4f2c9000563393f141516341255
-
SHA512
ceedc28d1d597f0bd067703807f8c14ed36993ba4d750a1f5f3093a834b83ae14088d361d3050b75b618ee3ee03231369cd42590b537549e46a2ca6fbfb40a98
-
SSDEEP
49152:O+6VmndqCnrhfVxTICBazsFm66blXCkx8r:Okn0AF/nOSZ6hXCkx8r
Score
10/10
Malware Config
Extracted
Family
cerberus
Attributes
-
uri
/villaburada.php?action=botcheck&data=
/villaburada.php?action=checkAP&data=
/villaburada.php?action=getModule&data=
/villaburada.php?action=getinj&data=
/villaburada.php?action=injcheck&data=
/villaburada.php?action=registration&data=
/villaburada.php?action=sendInjectLogs&data=
/villaburada.php?action=sendKeylogger&data=
/villaburada.php?action=sendSmsLogs&data=
/villaburada.php?action=timeInject&data=
Signatures
-
Cerberus family
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 6 IoCs
Files
-
81ce38f5987359e64ddb84f7ac3356fd5160f4f2c9000563393f141516341255.bin
com.example.mmm
com.example.mmm.mainActivity
Android Permissions
81ce38f5987359e64ddb84f7ac3356fd5160f4f2c9000563393f141516341255.bin
Permissions
android.permission.INTERNET
android.permission.CALL_PHONE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.REQUEST_DELETE_PACKAGES
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.WAKE_LOCK