Extracted

• • Target

    08a3c95c6cb6e779c295ada6f07afa6d

  • Size

    3.9MB

  • MD5

    08a3c95c6cb6e779c295ada6f07afa6d

  • SHA1

    49e42437bded58e4ed7533144775cf43e7eaf7d9

  • SHA256

    92c9819efea87088865bea931870dd66fd58bfa940c80c2bb63a9601ba8d92cf

  • SHA512

    c7224f362292af44fe728381eb66cb65a60cf13a22ac853718beb049469acea17fb94f31c0c3fb632122875d3e66bfb9a370b36cd05ecf3649a4b293a5cedcc2

  • SSDEEP

    98304:nK7CrwRTd7dK7wWZcbwuDKVdj1YoZVpeT8eQvwzpERz32L:nK7CrWTdZXNAdjioZVUcE83u

  Score

  10^/10

  cerberusbankerevasioninfostealerratstealthtrojan

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

  • Removes its main activity from the application launcher

    stealthtrojan

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion

  • Listens for changes in the sensor environment (might be used to detect emulation)

    evasion
  behavioral1behavioral2behavioral3