Extracted

• • Target

    79406a37aa56c8c3b0a6f6eeb48cf5a5_JaffaCakes118

  • Size

    2.5MB

  • MD5

    79406a37aa56c8c3b0a6f6eeb48cf5a5

  • SHA1

    118fa2cf82b7ca85cc59eb8986b1537ca5fcd38e

  • SHA256

    0314ea6ad3cf224a9417ccfd1f8a784a836472094c04a6bc2ffb688313131ecb

  • SHA512

    9728401f7de75781b6aa36e49a2f2ceb89e913b7d7e27330f7e88841dd782746a4adaa01f66172afa3cf946db4814b243c07d075f3ca03ec8a6739b9b63bd4a6

  • SSDEEP

    49152:RqlBejgkVwtbraC9Ww/NZ9GLud4ijdbSDaOi1K:clAd2brD8w/X9GLW4va0

  Score

  10^/10

  cerberusbankercollectionevasioninfostealerratstealthtrojan

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

    evasion

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion

  • Listens for changes in the sensor environment (might be used to detect emulation)

    evasion
  behavioral1behavioral2behavioral3