The analysed malware, internally baptised as PowerFakeToken, has been identified to belong to the Android/FakeToken.A family.

In a nutshell, the mentioned malware family pretends to be a mobile token generator, typically used for transaction validation in online banking systems, but in fact it is an application whose purpose is to steal sensitive credentials to perform transactions on behalf of a valid user and to execute commands from a central server owned by the attacker.