Extracted

• • Target

    7c695c6392725a37a2c3de19211e1c3bc03c87715897d044adbe00360e2a62e9.bin

  • Size

    1.5MB

  • MD5

    a78bf373c2c15968e62ebb3318983d36

  • SHA1

    c5ba84594c2880c42826d56fcad4a01cd4ba958c

  • SHA256

    7c695c6392725a37a2c3de19211e1c3bc03c87715897d044adbe00360e2a62e9

  • SHA512

    7f5aab2a4ae23c1034790aa1d54a2addaa5491a7a7158617ef0fd4377b2a5b050fb72fc833ccdde6bd495c4728457669786b87c78ce10f94bcccd97748d4e2f9

  • SSDEEP

    24576:B8qSi0R8g3097jprmXunEw+6c/E6CH0MGgJZ99Vb0X9LofIbx343siMZMMGp0xAH:LprEunEws/E6CH0MGWZHVbELVR4aWH0E

  Score

  10^/10

  cerberusbankercollectioncredential_accessdiscoveryevasionimpactinfostealerpersistenceratstealthtrojan

  • Cerberus

    An Android banker that is being rented to actors beginning in 2019.

    bankertrojaninfostealerevasionratcerberus

  • Cerberus family

    cerberus

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

    evasion

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access

  • Obtains sensitive information copied to the device clipboard

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact

  • Queries the phone number (MSISDN for GSM devices)

    discovery

  • Performs UI accessibility actions on behalf of the user

    Application may abuse the accessibility service to prevent their removal.

    evasion

  • Queries the mobile country code (MCC)

    discovery

  • Requests changing the default SMS application.

    collectionimpact

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion

  • Listens for changes in the sensor environment (might be used to detect emulation)

    evasion
  behavioral1behavioral2behavioral3