Extracted

• • Target

    86a3235e5fe3b107841b9ac6eb04acb4_JaffaCakes118

  • Size

    2.9MB

  • MD5

    86a3235e5fe3b107841b9ac6eb04acb4

  • SHA1

    17a5ff71f1e63bcb2de859e6f8d18a4cd24d7f51

  • SHA256

    86f6bf9b039439d1f1f30325e8dea209511775fbeb55116c52299c527e463c1a

  • SHA512

    79845ce9923d43cd271957a0c349b7e634ba685daf506f9777670b07f84d867e9ead357bbebfca731421497fb8f5fc9166a7c8667351e6d6a0ff78898493c8d7

  • SSDEEP

    49152:cxXp3bY4EOqbFKvOUGISuoK/HD3vzf23I5yte1+LrPH:I5LY4qYWUGISBK/rvL23IUtV

  Score

  10^/10

  cerberusbankercollectionevasioninfostealerratstealthtrojan

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

    evasion

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion

  • Listens for changes in the sensor environment (might be used to detect emulation)

    evasion
  behavioral1behavioral2behavioral3