Extracted

• • Target

    db6c6bdda89349f8de2be84ed4373c18

  • Size

    3.4MB

  • MD5

    db6c6bdda89349f8de2be84ed4373c18

  • SHA1

    ba6d9778332737c9750e72c98e29e73c932422d8

  • SHA256

    bff4c1097f87aac75d64430f93e4df4e4225ab776be31f58080cb58d00325e55

  • SHA512

    2cbcc56ae5493d44474584c9f95531639a718a6296b535c6aebe3a05f06b9e6423a0c501b2c3aa9b2dbfaf5f56167b7b481ca7fcde5d7f7697af5c7ebefc163f

  • SSDEEP

    98304:oK5IxjqynCxNbPgx8ci4fVNGz0MFyclyMu2:oK5mqyCxNQ8cFfVNoyK

  Score

  10^/10

  cerberusbankercollectionevasioninfostealerratstealthtrojan

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

    evasion

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion

  • Listens for changes in the sensor environment (might be used to detect emulation)

    evasion
  behavioral1behavioral2behavioral3