Extracted

• • Target

    c4cdcfb645cb50451f6a5cf792ef91e07aa1ed166ad99f59358eb8b9a1284440

  • Size

    7.0MB

  • MD5

    241b578fe963ad199fd5bdc0bb50f4ca

  • SHA1

    3a9fe80e346356dd1b7a12765fc941f7d584d943

  • SHA256

    c4cdcfb645cb50451f6a5cf792ef91e07aa1ed166ad99f59358eb8b9a1284440

  • SHA512

    52e6d4a9164480af0f3c3d5e08d85d25054ccb2f6ac57bf7db7ea4f0c8b9a60a2829ac4e7310822e289fa8ee4d25d9b4146014681ef16cb404ed2a03cf2d5e62

  • SSDEEP

    196608:p8/u+xgCR1D6Du6gUxL8wLszeEvf/QuN707b:aG+HD6yJUx9LnG70f

  Score

  8^/10

  collectiondiscoveryevasionpersistence

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasion

  • Checks memory information

    Checks memory information which indicate if the system is an emulator.

    evasiondiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Reads the contacts stored on the device.

    collection

  • Reads the content of the call log.

    collection

  • Requests enabling of the accessibility settings.

  • Acquires the wake lock

  • Reads information about phone network operator.

    discovery

  • Checks the presence of a debugger

    evasion
  behavioral1behavioral2behavioral3