General
-
Target
ba26bc717ee0f40707320e55ea904a4cf257a0f9ede732dfcf320f182616763a.bin
-
Size
1.2MB
-
Sample
240807-11ln4svdrl
-
MD5
5f78b69a087302ae624da7c82cb20525
-
SHA1
4b969b63a8dcd70984b2d0e3bd5a064d970807bc
-
SHA256
ba26bc717ee0f40707320e55ea904a4cf257a0f9ede732dfcf320f182616763a
-
SHA512
e87c68b09516c51605477cb06d068b900a62e0e665b47ac87d6fc64396bb306d23eeaa6dcccb3d34d0da11812d6d9ea1b0137a4241f5681381110b7230cec7e1
-
SSDEEP
24576:xzzbVvonipZmG1qpOWSnyt8woe/FvXxPrI5MXLdsWhWmgK:ZbVgn+mG8Q1WZouFvBGMXLeWhLgK
Static task
static1
Behavioral task
behavioral1
Sample
ba26bc717ee0f40707320e55ea904a4cf257a0f9ede732dfcf320f182616763a.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
ba26bc717ee0f40707320e55ea904a4cf257a0f9ede732dfcf320f182616763a.apk
Resource
android-x64-20240624-en
Behavioral task
behavioral3
Sample
ba26bc717ee0f40707320e55ea904a4cf257a0f9ede732dfcf320f182616763a.apk
Resource
android-x64-arm64-20240624-en
Malware Config
Extracted
cerberus
http://80.87.192.227
Targets
-
-
Target
ba26bc717ee0f40707320e55ea904a4cf257a0f9ede732dfcf320f182616763a.bin
-
Makes use of the framework's Accessibility service
Retrieves information displayed on the phone screen using AccessibilityService.
-
Obtains sensitive information copied to the device clipboard
Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
-
Queries the phone number (MSISDN for GSM devices)
-
Performs UI accessibility actions on behalf of the user
Application may abuse the accessibility service to prevent its removal.
-
Queries the mobile country code (MCC)
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-
Tries to add a device administrator.
-
Listens for changes in the sensor environment (might be used to detect emulation)
-