com.example.mmm.replace_1
android.intent.action.SENDTO
android.intent.action.SEND
com.example.mmm.mainActivity
android.intent.action.MAIN
General
-
Target
1e3e2c37c819e4d6fc7c2bb0cb2b9a302d94682cf960bd002553a10db2db0693.bin
-
Size
1.6MB
-
MD5
12614456c8b9bbb2a35d276d84fc6df5
-
SHA1
80fd6cd176bac6b6f3449fc1350a9d979d29e864
-
SHA256
1e3e2c37c819e4d6fc7c2bb0cb2b9a302d94682cf960bd002553a10db2db0693
-
SHA512
15cbd4239f2526c3a956ce3269e08c14ced3eeeeaab0c410e3c74da7c9f098b67182a3fa9bd9e15bf531fc2746fa94a1a92f39593f5720ad0522fb056577c299
-
SSDEEP
49152:y+6VmPdqCnrhfVxTICBazsFm66b/mOyUlo:ykP0AF/nOSZ67mOyUlo
Score
10/10
Malware Config
Extracted
Family
cerberus
Attributes
-
uri
/villaburada.php?action=botcheck&data=
/villaburada.php?action=checkAP&data=
/villaburada.php?action=getModule&data=
/villaburada.php?action=getinj&data=
/villaburada.php?action=injcheck&data=
/villaburada.php?action=registration&data=
/villaburada.php?action=sendInjectLogs&data=
/villaburada.php?action=sendKeylogger&data=
/villaburada.php?action=sendSmsLogs&data=
/villaburada.php?action=timeInject&data=
Signatures
-
Cerberus family
-
Declares broadcast receivers with permission to handle system events 1 IoCs
-
Declares services with permission to bind to the system 1 IoCs
-
Requests dangerous framework permissions 6 IoCs
Files
-
1e3e2c37c819e4d6fc7c2bb0cb2b9a302d94682cf960bd002553a10db2db0693.bin
com.example.mmm
com.example.mmm.mainActivity
Android Permissions
1e3e2c37c819e4d6fc7c2bb0cb2b9a302d94682cf960bd002553a10db2db0693.bin
Permissions
android.permission.INTERNET
android.permission.CALL_PHONE
android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.REQUEST_DELETE_PACKAGES
android.permission.RECEIVE_SMS
android.permission.READ_SMS
android.permission.SEND_SMS
android.permission.READ_CONTACTS
android.permission.WAKE_LOCK