General

  • Target

    183ac21bb70d1e9527de39136d927094

  • Size

    4.0MB

  • Sample

    231230-pfhk6sfcdn

  • MD5

    183ac21bb70d1e9527de39136d927094

  • SHA1

    c654873f2c978fd1538e215a8db6ca847a06fbb0

  • SHA256

    cf3e16d6328d572cdf4476809e25c52790d77bec8ac1a52a7129485c55a7c6a7

  • SHA512

    cc6c3cb1f86d05c5072b3d5bc57af690f2b49ca054e505bc67ce758586076c0d8fecff50e8e7b1c06295fc8637134f6ace6a14570fbbba74d3bbf29da80a6cf4

  • SSDEEP

    98304:kFWGTMw78bjU4Tg3rwk/K1xGbuGV9Nt4DWzpnw+YHq7+ri1:kFWGTMg8bjfsXaxGi09L4DK+LHba

Malware Config

Extracted

Family

cerberus

C2

http://193.37.212.83/

Targets

    • Cerberus

      An Android banking trojan that has been rented out to threat actors since 2019.

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

    • Removes its main activity from the application launcher

    • Loads dropped Dex/Jar

      Runs an executable file that was dropped onto the device during analysis.

    • Tries to add a device administrator.

    • Requests disabling of battery optimizations (often used to enable hiding in the background).

    • Listens for changes in the sensor environment (possibly used to detect emulation).

MITRE ATT&CK Matrix

Tasks