General

  • Target

    33ffe41e2a47ff627c399aeef893016d

  • Size

    3.8MB

  • Sample

    231225-wybc5sddd7

  • MD5

    33ffe41e2a47ff627c399aeef893016d

  • SHA1

    c8519ab02a57140b055069ab51a9ba18f3435cd9

  • SHA256

    745531bf76372c3b01d415807a979032ccee9c06b80db744f67d0ea2dd1775ce

  • SHA512

    b05964597773087c7b5fcf699673e56e92f97f153a072e34152faae3a77c5e3f0125659763b6c8bb362e334768a5f686036f9f948c6dbff468249a0e73b4f3ea

  • SSDEEP

    98304:NjVypqPWr6K9rdrwHqpowv+KcixXhTgWdhgVIEWWa:NjVypz+KBdrMqGIWaTgWdhgj8

Malware Config

Extracted

Family

cerberus

C2

http://164.90.198.228

Targets

    • Cerberus

      An Android banking trojan that has been rented out to threat actors since 2019.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Listens for changes in the sensor environment (might be used to detect emulation).
