Extracted

• • Target

    b7638ff22370a672f8da8ce79d5da97b

  • Size

    3.0MB

  • MD5

    b7638ff22370a672f8da8ce79d5da97b

  • SHA1

    0f970d5c3c1d04740528a988a92ee72f4b3f5a81

  • SHA256

    34285952e2dc998f9e94dc41228c6b74c3777b403e57fc239a362cc1e4e7cb71

  • SHA512

    f99bd7252060afcf13bcb4ddaee126dfcd032dc5b4ad02aa47e4d7bae823b558d19ac39746a153bb23bf8b0436da2d9db92f3eb15f7757fe51f18a722d372e14

  • SSDEEP

    98304:k/GrGuxWqpC50FKdLWI0GHzoJuft+o5L2pFFvC:k/GiSY50+WI/Toq15ip7vC

  Score

  10^/10

  cerberusbankercollectionevasioninfostealerratstealthtrojan

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

    evasion

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion

  • Listens for changes in the sensor environment (might be used to detect emulation)

    evasion
  behavioral1behavioral2behavioral3