8ee97d5fd2aab608e056a5b3ce9a6a4ab006a7e1b8ace404078d9672a9046443

Tags

Signatures

• EventBot

  Description

  A new Android banking trojan started to appear in March 2020.

  Tags

  bankertrojaninfostealeroverlayeventbot

• Makes use of the framework's Accessibility service.

• Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

  Tags

  banker

• Acquires the wake lock.

• Loads dropped Dex/Jar

  Description

  Runs executable file dropped to the device during analysis.

• Removes a system notification.

  Tags

  evasion

• Uses Crypto APIs (Might try to encrypt user data).

  Tags

  ransomware

Related Tasks