com.example.mmm.replace_1
android.intent.action.SENDTO
android.intent.action.SEND
com.example.mmm.mainActivity
android.intent.action.MAIN
General
-
Target
8b352c1ece3724ca2003a9166f7aa020396dd2136aed4a9592317841e161409c.bin
-
Size
1.6MB
-
MD5
a7c5afeb5e7bd9fae4cb8e0e704cf2fb
-
SHA1
3851ae99cbc94681ee0d4ab51d9e6c379667edf8
-
SHA256
8b352c1ece3724ca2003a9166f7aa020396dd2136aed4a9592317841e161409c
-
SHA512
b6d3f4b20060d632c52f65c97c15170058c7a3ed4d8d7078bd4a38b8315b148f27edaa5e4d11e07b16dc79de217e347566ba492225aad6cb5898ed2f905a593a
-
SSDEEP
49152:p+6VmudqCnrhfVxTICBazsFm66bLayCMti:pku0AF/nOSZ6XayCMti
Score
10/10
Malware Config
Extracted
Family
cerberus
Attributes
-
uri
/villaburada.php?action=botcheck&data=
/villaburada.php?action=checkAP&data=
/villaburada.php?action=getModule&data=
/villaburada.php?action=getinj&data=
/villaburada.php?action=injcheck&data=
/villaburada.php?action=registration&data=
/villaburada.php?action=sendInjectLogs&data=
/villaburada.php?action=sendKeylogger&data=
/villaburada.php?action=sendSmsLogs&data=
/villaburada.php?action=timeInject&data=
Signatures
-
Cerberus family
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 6 IoCs
Files
-
8b352c1ece3724ca2003a9166f7aa020396dd2136aed4a9592317841e161409c.bin
com.example.mmm
com.example.mmm.mainActivity
Android Permissions
8b352c1ece3724ca2003a9166f7aa020396dd2136aed4a9592317841e161409c.bin
Permissions
android.permission.INTERNET
android.permission.CALL_PHONE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.REQUEST_DELETE_PACKAGES
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.WAKE_LOCK