Extracted

• • Target

    8fd36fd78059b612caf4306f86f8f5da_JaffaCakes118

  • Size

    3.0MB

  • MD5

    8fd36fd78059b612caf4306f86f8f5da

  • SHA1

    eff37afe2ee8864c5cdee7e07b3184a07627fcc0

  • SHA256

    bf741ef4c2558d5b8485c6de61c64e578a8198d1d050a1e1566b5e10bee207ec

  • SHA512

    ed3ab1276e8bc7cf69eb54176c491d3c63ee23d9f0d55940f322551e79941205ff194fc3d29845b1be2ca06518b0aecac6ff1735ed293964a986572a5f63f00c

  • SSDEEP

    49152:8OQRxguYJzjIt06xq/9OxeSyA6G3BOixe+zthSRfZiNUkyxlL:pHxjIfxq8cSypG3bMCex0UzrL

  Score

  10^/10

  cerberusbankercollectionevasioninfostealerratstealthtrojan

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

    evasion

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion

  • Listens for changes in the sensor environment (might be used to detect emulation)

    evasion
  behavioral1behavioral2behavioral3