cerber

Sharing

Copy URL

Twitter E-mail

General

Target

Perm.rar
Size

546KB
Sample

250126-a8qd6awldy
MD5

af6d56efa38a97c6ae552773d0ebed55
SHA1

4bfd6aa9fd1fcf161763fcfcd78f166462784a90
SHA256

f15a78efd211bae6dd492d449beeb3844bd758a5241cfa48d0fd19dbe766102d
SHA512

ff35805d195db830f4d7840208c081d1876791609350fde7fd36beec2ddddc04f4dc91b9b24b147bf209f8e02563fae464b5bf87e5e1974ed7422e7880e03959
SSDEEP

12288:Ynino1Rp78K3gxYT9GrXz32VJvCjl34NgrHJ3IWY/IjLsw8:27Di8SYhQz3Cfg1Y84

Score

10^/10

cerber ransomware

Malware Config

Targets

- Target
  
  perm/mac/RTIoLib64.dll
- Size
  
  155KB
- MD5
  
  23b63b64c57ffe0129af6ee4b38ea7db
- SHA1
  
  ce0cec8e15d7d9cc861613a6b2599cf2d580c70f
- SHA256
  
  e68365ab48c6fa3b3c8036c578cd61793e645b76c8a17641ff07ad01038ccbb8
- SHA512
  
  3a5b19c4363e4bafd6a6ddc538ac592afebd81b6de05687e7f169c402c232ca9685ac36391c03719e588b919cdb0fadd56b42d26ae90b1e3aa3e231e0686e4ab
- SSDEEP
  
  3072:RMmIcRC1BP5gn6ENjoJszSKKmNdWTZILJpu9S5:OURC1yvm2f9dWYpJ
Score

1^/10
behavioral1 behavioral2
- Target
  
  perm/mac/RealTek_flash.exe
- Size
  
  745KB
- MD5
  
  302a86510b5c2a807bfad326224880d1
- SHA1
  
  0afea09cb54d9216895e1ad2e60e2606c89d8697
- SHA256
  
  791d18024007d988725ad24ae499f9e8f26dfc1ac8f95f9094568fc5c300d0bf
- SHA512
  
  a4da927d4e33639b97062fcae6003075e60ce939edf7e807119e2f5b300c0918fdbd801668d78e8a707e920bb7b4aade72ed4ac3f3168129b1af2fe40397ff4f
- SSDEEP
  
  12288:pp99WL/vCzx3QRIL4DbKsxA/3SYsF2WKEnkiUJ0yn:r8/vaN4PKsxisF2L+yn
Score

1^/10
behavioral3 behavioral4
- Target
  
  perm/mac/rtkio64.sys
- Size
  
  53KB
- MD5
  
  96e10a2904fff9491762a4fb549ad580
- SHA1
  
  02a8b74899591da7b7f49c0450328d39b939d7e4
- SHA256
  
  4ed2d2c1b00e87b926fb58b4ea43d2db35e5912975f4400aa7bd9f8c239d08b7
- SHA512
  
  06f477ddbcac1b1e79f142b4c0476e5c27b2a002b8d84ca098fc2d66df9b6f4ce6fe2e4c1648b061f594ad7c410e6daa37526a84d4f5b379699e8c8a89147ee9
- SSDEEP
  
  1536:raz9Zl4jhovMHMvi78HOXtcrEC4RsbuaUfc:wDk+MsviouRC4a
Score

1^/10
behavioral5 behavioral6
- Target
  
  perm/mac/rtkiow10x64.sys
- Size
  
  63KB
- MD5
  
  96a8b535b5e14b582ca5679a3e2a5946
- SHA1
  
  f6b3577ea4b1a5641ae3421151a26268434c3db8
- SHA256
  
  ab8f2217e59319b88080e052782e559a706fa4fb7b8b708f709ff3617124da89
- SHA512
  
  ca8ec4cec41e47560cc4d3b3af7bffa5c27455a1f55cc6ca1f3b1553ceda93b501a62a3f3599db1c88fd20fdeb48630973255ca23129b7036e938c7faaaf0376
- SSDEEP
  
  1536:+OsdGoYvrhm0Kxu4RN496QOxsbXgkUfQOLf:Rm0K321OcoLf
Score

1^/10
behavioral7
- Target
  
  perm/mac/spoof.bat
- Size
  
  75B
- MD5
  
  0072872258bb8e64d260120fcd784355
- SHA1
  
  e3b9ce3df6aa5b69c6a81c72a54811a6d126ae48
- SHA256
  
  6a23eab15d38c1769a2c33aae71b6a66713244fe453e1e864c75866bc5e25463
- SHA512
  
  52885e141c2df46c0ab46f6673dee31d6c302bd058647aee73ce6e5209caf7cec4caf4780789d60eaedf5647f3be68dda32634d5fa751150e3ab8b797baf56a1
Score

1^/10
behavioral8 behavioral9
- Target
  
  perm/serials/AMIDEWINx64.EXE
- Size
  
  377KB
- MD5
  
  64ae4aa4904d3b259dda8cc53769064f
- SHA1
  
  24be8fb54afd8182652819b9a307b6f66f3fc58d
- SHA256
  
  2c67fb6eb81630c917f08295e4ff3b5f777cb41b26f7b09dc36d79f089e61bc4
- SHA512
  
  6c16d2bc23c20a7456b4db7136e1bb5fcee9cbf83a73d8de507b7b3ffc618f81f020cde638d2cd1ef5f154541b745a2a0e27b4c654683a21571183f7a1bffd16
- SSDEEP
  
  6144:4NFU+vVycygjjsp5dcAONdA22xVK8LRPo4WBIeX+oD9/nwbr9W9v6i:4bygjjsrdcAONdA22xVK8LRPo4WGkD90
Score

1^/10
behavioral10 behavioral11
- Target
  
  perm/serials/AmiSpoof.bat
- Size
  
  1KB
- MD5
  
  bc8ad04cbe42db4c424cb586c8b012cd
- SHA1
  
  60e2c2e59bf363d109edd02d9c2d75eea4176a34
- SHA256
  
  6c94f726e939c3c699de60291d6fcb7dcf3b37bc18267db26719d22ed04fedbc
- SHA512
  
  ef7a5d971f4147e2b586b2f00bbde3b07f37d54ed168ec649a84b687e07817dd12d1ce62810914f63813c8f51ecd681b35d0e1e8812f024404fa905ab2cac019
Score

10^/10

cerber ransomware
- Cerber
  Cerber is a widely used ransomware-as-a-service (RaaS), first seen in 2017.
  ransomware cerber
- Cerber family
  cerber
behavioral12 behavioral13
- Target
  
  perm/serials/SerialsChecker.bat
- Size
  
  534B
- MD5
  
  24e3d5bcc9303227287318776960b7a2
- SHA1
  
  5c66afdccf6ac0f84a5ba218d4fbea8d5975b5c7
- SHA256
  
  28d007fe953bc08f5e41a5c1a25f9e0436bf3420ef788fcb7e8c9293badb9d42
- SHA512
  
  2998f2cd8349b94d538b0a69ebe04fd2288a2c0484e95ba90dcebf422eb012d0899cc0bf54ad9747e9d7d0d2909bb659a5fc6ecc4d602281be5384aaf3327033
Score

1^/10
behavioral14 behavioral15
- Target
  
  perm/serials/amifldrv64.sys
- Size
  
  28KB
- MD5
  
  0dff47f3b14fb1c1bad47cc517f0581a
- SHA1
  
  db3538f324f9e52defaba7be1ab991008e43d012
- SHA256
  
  20f11a64bc4548f4edb47e3d3418da0f6d54a83158224b71662a6292bf45b5fb
- SHA512
  
  f572e741b5a7e854353420bfe072f4e8d10ea61bd0be06a48f3b07bb58e98987761a4cbd77423bf1ab4a9a79b599b824b6b2951bae9e8ad16bca98c84c72b0a6
- SSDEEP
  
  384:Hv+RD9ZsRVl8jqiZchbao0HMrEDulUoLdZFnJtQSZsHLPK6jzOO9bvFR3lZbI1:HvyJZmmqlHCMmulJLZJt6PKgaO9Po1
Score

1^/10
behavioral16 behavioral17
- Target
  
  perm/serials/amigendrv64.sys
- Size
  
  33KB
- MD5
  
  119f0656ab4bb872f79ee5d421e2b9f9
- SHA1
  
  e35969966769e7760094cbcffb294d0d04a09db6
- SHA256
  
  38d87b51f4b69ba2dae1477684a1415f1a3b578eee5e1126673b1beaefee9a20
- SHA512
  
  428c2a7db1559cb39a882a7dce5a0559efd9d83c2e86ca94bbe3c10c9989fe63c160ab7f475db0400a2ed016ab21f00faa9d0e0b7fdba5e3c34daadab24e71f2
- SSDEEP
  
  768:Jn9+pli0X09luuJ4j/2HGra+Jt6PKgeGPeHPc:t0muuJK1a+JtkwGPMc
Score

1^/10
behavioral18

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Cerber family

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18