Profiling Trafficers: Cerberus

May 10, 2024, 9:26 a.m.

Description

This analysis delves into the activities of a group of malware operators known as Cerberus (formerly Amnesia) Team, who specialize in spreading infostealers, particularly in the Commonwealth of Independent States (CIS) region. It provides insights into their operations, tactics, and the evolution of their malware campaigns over time, shedding light on the ever-evolving landscape of cybercriminal activities.

External References

https://g0njxa.medium.com/profiling-traffic-cerberus-ex-amnesia-3758faba4385
https://otx.alienvault.com/pulse/663de2a924a61f8a74567f55
Tags
malware
infostealer
russia
2024-05-05
2024-05-06
2024-05-07
lumma stealer
2024-05-08
aurora stealer
redline
hacking
cybercrime
rhadamanthys stealer
casbaneiro
metamorfo
dracula stealer (samurai)
2024-05-09
2024-05-10

Date

  • Created: May 10, 2024, 9:02 a.m.
  • Published: May 10, 2024, 9:02 a.m.
  • Modified: May 10, 2024, 9:26 a.m.

Indicators

  • ffadffdb70628e31d82c7f79dbb60ee917f09d47c085a19e1ac6e6e1e35f65d2
  • ddd48bf86fb56853f8d7ec54bdd9922044f4f6a97aa16c4b1b6da4d162c63f50
  • e50ffa2b9fd2f72117215aae4bd556181a1c43f0e485ee2ede668ae67ff8b37d
  • b9161bebfa420e361053fe2d28cbacb9f59e12bb2e9ae6dc241326ec5b32429a
  • b86815c10b68f1108530338128c8f0a79d358ee91bc43082a2314985fa4db1ba
  • aa79dd98bfa1024797b92c3016e931180faf9baa462e751a8eb9061fbfd7a06c
  • 9f8a9a96bcd4b50414604cbd67f282226a2af227972833725e133c60da35ad43
  • 7eca655f69b3b43c4f228dbd149b73247166872ba92691f7fb00f7f35bb89e41
  • 48660eb510470d5ebf35a0dfdb4c592117eaec4f07cbf01d428099f052a2fdca
  • 2f51a381d2fc22009dd2e7e27d555b7e10de4fbc954d27e506c5c3ba83481577
  • 24952724df0a06ae1d58350bacc43c37981e46267c9f7575192e222028eb7626
  • 16fbabbe3842fee9262fd42da0151f81e4375652d59b01f75a1f0dff46cda69f
  • 0aa93d611bbbe91ef03cce5ad22160fa4cea54a8e5b322f85be9b2a139e069e2
  • fc43e409ca887fe8f98079100e54a442b7ab01a2743d7e195ba2c8358a1152df
  • f1317fa1e70ad44256d1282121c8ad5e12faf9a32fc6b743212726d666408967
  • c4b216b616c005c7ae84dfbdc5f2a99172825e1ee362555ddad8ed29f23313d6
  • 495d6698ee5c9a61d68bfd5328fa2e0979ff0ae04d1a2655e5d580e73fe6b998
  • 2318f5ddf39a7576e33513557c3af1498e841cef7b36acc53e80ddd700ac0d62
  • 005360f36d6b7bf31717fb5ba88f844bdf5455dfbd9f84894a8c1e53f7f5ef51
  • 5.42.65.36
  • 37.220.87.13
  • 195.10.205.74
  • 147.45.44.5
  • 5.42.65.101
Download all indicators here!

Attack Patterns

  • Rhadamanthys Stealer
  • Dracula Stealer (Samurai)
  • Casbaneiro
  • Metamorfo - S0455
  • Lumma Stealer
  • Redline
  • Aurora Stealer
  • Cerberus (ex-Amnesia)

Additional Informations

  • Palau
  • Northern Mariana Islands
  • Turkmenistan
  • Micronesia, Federated States of
  • Norfolk Island
  • Monaco
  • Kiribati
  • Comoros
  • Djibouti
  • Bermuda
  • Antigua and Barbuda
  • Anguilla
  • Virgin Islands, U.S.
  • Virgin Islands, British
  • Turks and Caicos Islands
  • Guernsey
  • Grenada
  • Greenland
  • Faroe Islands
  • Dominica
  • Cayman Islands
  • San Marino
  • New Caledonia
  • Saint Martin (French part)
  • Liechtenstein
  • Isle of Man
  • Eswatini
  • Burundi
  • Martinique
  • Lesotho
  • French Polynesia
  • Curaçao
  • Timor-Leste
  • Niger
  • Gambia
  • Chad
  • Guinea-Bissau
  • Guinea
  • Guadeloupe
  • French Guiana
  • Saint Lucia
  • Bhutan
  • Sierra Leone
  • Belize
  • Barbados
  • Macao
  • Liberia
  • Iceland
  • Suriname
  • Bahamas
  • Saint Kitts and Nevis
  • Cabo Verde
  • Mauritania
  • Brunei Darussalam
  • Guyana
  • Maldives
  • Haiti
  • Malawi
  • Jersey
  • Zimbabwe
  • Mali
  • Namibia
  • Gabon
  • Rwanda
  • Congo, Democratic Republic of the
  • Benin
  • Puerto Rico
  • Burkina Faso
  • Mozambique
  • South Sudan
  • Jamaica
  • Equatorial Guinea
  • El Salvador
  • Uganda
  • Zambia
  • Senegal
  • Togo
  • Cameroon
  • Madagascar
  • Honduras
  • Paraguay
  • Costa Rica
  • Croatia
  • Tunisia
  • Dominican Republic
  • Syrian Arab Republic
  • Bolivia, Plurinational State of
  • Andorra
  • South Georgia and the South Sandwich Islands
  • Georgia
  • Ethiopia
  • Papua New Guinea
  • Palestine
  • North Macedonia
  • Estonia
  • Central African Republic
  • Trinidad and Tobago
  • Botswana
  • Angola
  • Mauritius
  • Somalia
  • Mongolia
  • Malta
  • British Indian Ocean Territory
  • Tanzania, United Republic of
  • Sudan
  • Guam
  • Montenegro
  • Luxembourg
  • Nigeria
  • Kenya
  • Slovenia
  • Finland
  • Latvia
  • Slovakia
  • Albania
  • Lebanon
  • Ireland
  • Iraq
  • Kuwait
  • Greece
  • Hungary
  • Congo
  • Sweden
  • New Zealand
  • Guatemala
  • Cuba
  • Libya
  • Austria
  • Venezuela, Bolivarian Republic of
  • Uruguay
  • Panama
  • Nicaragua
  • Qatar
  • Yemen
  • Algeria
  • Egypt
  • South Africa
  • Fiji
  • Afghanistan
  • Kyrgyzstan
  • Tajikistan
  • Azerbaijan
  • Hong Kong
  • Cyprus
  • Bulgaria
  • Chile
  • Colombia
  • Uzbekistan
  • Myanmar
  • Ghana
  • Singapore
  • Armenia
  • Belgium
  • Portugal
  • Serbia
  • Iran, Islamic Republic of
  • Sri Lanka
  • Nepal
  • Bangladesh
  • India
  • Czechia
  • Denmark
  • Lithuania
  • Australia
  • Taiwan
  • Saudi Arabia
  • Jordan
  • China
  • United Arab Emirates
  • Netherlands
  • Norway
  • Argentina
  • Switzerland
  • Poland
  • Spain
  • Italy
  • Thailand
  • Peru
  • Canada
  • Japan
  • Moldova, Republic of
  • Belarus
  • Malaysia
  • Indonesia
  • Bosnia and Herzegovina
  • France
  • Germany
  • Romania
  • Oman
  • Morocco
  • Bahrain
  • Kazakhstan
  • Cambodia
  • Philippines
  • Ecuador
  • Mexico
  • Pakistan
  • United Kingdom of Great Britain and Northern Ireland
  • Ukraine
  • Israel
  • Brazil
  • United States of America
  • Russian Federation