Analysis

  • max time kernel
    32s
  • max time network
    152s
  • platform
    android-10_x64
  • resource
    android-x64-20240910-en
  • resource tags

    arch:x64, arch:x86, image:android-x64-20240910-en, locale:en-us, os:android-10-x64, system
  • submitted
    08-10-2024 22:04

General

  • Target

    99a2a79ff131e7ae1c2ee9e9728ddab0d06d4d25494d3bce7034e2df51fd7c4a.apk

  • Size

    1.3MB

  • MD5

    3354c6b284c0148424b140f55b1cb095

  • SHA1

    397e87352e66e5b33406d428390754efb15cc33e

  • SHA256

    99a2a79ff131e7ae1c2ee9e9728ddab0d06d4d25494d3bce7034e2df51fd7c4a

  • SHA512

    c373fbf00eec82d7c6780155ef8b92ac75bb32b33d6d54b7e61c7c2cb6326a3053fa86e3c5876b82208eada43606432c9d2ea9e3bb696f0d08cd73d1d262e70b

  • SSDEEP

    24576:4pysdMgH+BOf3/cD7FXiSAc0a37qzUqs69+J7UfiGdrI8cUacUaIgSg0qh9+:4pyBgH+BOvUD7dik3auJ7BGdrNcUacUp

Malware Config

Extracted

Family

cerberus

C2

http://162.55.21.189

Signatures

Processes

  • com.trophy.abstract
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Makes use of the framework's Accessibility service
    • Obtains sensitive information copied to the device clipboard
    • Performs UI accessibility actions on behalf of the user
    • Queries the mobile country code (MCC)
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    • Checks CPU information
    • Checks memory information
    PID:5099

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.trophy.abstract/app_DynamicOptDex/jMNjB.json

    Filesize

    63KB

    MD5

    95f45e059960bf4cb5cbad2ec8e32848

    SHA1

    e09b16e1aed978d2e2cc8ce55d094ab6a1f84bb7

    SHA256

    7a3d6515e57f161cab4b2b780ac2df3b3eb1f5ada8a8821ba33efe8efa816389

    SHA512

    ce9d1577a75accfbee428cbd922487a21812616ab73907940150478087065e6f8154d9971b520c35a9d19c8af4c7a8e8a010ce00ac726acdecc22f070b59d0ea

  • /data/data/com.trophy.abstract/app_DynamicOptDex/jMNjB.json

    Filesize

    63KB

    MD5

    86fdbcab44ac3f3c8c40d7c95645eaec

    SHA1

    3791a59bc52a02dd1af9607a97ce13db59c2e0de

    SHA256

    2f2f663ef7a2f78974bc22663f6eba1c0ca237c383a0460bef0c44a873e519d7

    SHA512

    88930bf07f98a3a76c9658961e70e517af0fcd3b033f0504ca90889465ac778d3f10fb6f4297a9a3eb99419322b01e0c8c21be3df7bc265504a96d9784614fbb

  • /data/user/0/com.trophy.abstract/app_DynamicOptDex/jMNjB.json

    Filesize

    124KB

    MD5

    c53223654123f2923597a1c127472ee5

    SHA1

    9bb34c577fb276530a5b0baea81648fd8a88c939

    SHA256

    642680ca77be88c96b9cb35c5a1d49b07bdf0cdc1345d6f5f5db84b05bc1be38

    SHA512

    225c8cd60ffeabe4bfa8921a3de14d326f5bfb29c8189219303b42ee94c73b67bbb8c267b58c49acd7ceb00c4406bc03eab4a4878d0379bcbc267138b82f4610