dEEpEst
☣☣ In The Depths ☣☣
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
- Joined
- Mar 29, 2018
- Messages
- 13,862
- Solutions
- 4
- Reputation
- 32
- Reaction score
- 45,552
- Points
- 1,813
- Credits
- 55,350
7 Years of Service
56%
Cerberus Banking Trojan Research
Related research paper :
This link is hidden for visitors. Please Log in or register now.
This repository currently has two tools that can be used.
Hercules: Hercules automatically finds decryption key for actual DEX of the given Cerberus sample, decrypts it, then decrypts configuration parameters in the actual payload. All statically, in seconds.
queryCerberus: Partial implementation of the Cerberus banking trojan C2 communication.
cerberus_full_package contains Cerberus source code that distributed to premium members of originated forum. Credits: DC8044
Initial analysis shows that the Android V2 in the source package is not the latest version in the wild. It lacks Android 10 improvements. Our research paper covers latest version of the malware. According to leftover files, looks like their development team uses a private GitHub repository.
This link is hidden for visitors. Please Log in or register now.
-Communication parameters of latest version are abbreviated. In this one they aren't.
Stay Safe & Healthy.
Regards, Cyberwise Research Task Force (Cyberwise - RTF).
This link is hidden for visitors. Please Log in or register now.