Extracted

• • Target

    ready.apk

  • Size

    668KB

  • MD5

    3daaa5746bdf53dc09bcac47f16b5f8d

  • SHA1

    24669b42b00c73146f97541cba84543f4a59590a

  • SHA256

    2ca767b0d1f88e2a1c1aa321f1e667b40f3f4d1d6549fbb5c239dd3b33140030

  • SHA512

    42e77d0dfd2af4df00a5aae72f5186710f5b00d022353213753970d80113aa2df6c34c72c3f52c12f625d8631f88b555f634ca17fa93bfa0eeb94ef0a868d9ae

  • SSDEEP

    12288:G4nt6wnX70INaNW0x3tWhUSjMkHwzODdau/fusT3cgtN0F7mM6Rq21IgqT:GqhnX7XNsFPkHwzCamfHT3SF7mMGNdqT

  Score

  8^/10

  bankerevasionstealthtrojan

  • Makes use of the framework's Accessibility service.

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

    banker

  • Removes its main activity from the application launcher

    stealthtrojan

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

  • Queries the unique device ID (IMEI, MEID, IMSI).

  • Requests enabling of the accessibility settings.

  • Makes a phone call.

  • Reads information about phone network operator.

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion
  behavioral1behavioral2behavioral3