Extracted

• • Target

    7858ede01f01e3c9db35c06db934ae81a8e21be79a03427d8f41a53ee344250a.bin

  • Size

    758KB

  • MD5

    f87abf520312da4dac613893bfa8a3fa

  • SHA1

    0b56b73b96fd8d2b2f044aad533d80f6e040d3f8

  • SHA256

    7858ede01f01e3c9db35c06db934ae81a8e21be79a03427d8f41a53ee344250a

  • SHA512

    68725dcb42968923cc7bb823e77187fc14993432ebc9d86f1f61e9afbda14530ca419a9788126ba955ea30c7b893704bb676658c1226aca6c9ec90b907f45f73

  • SSDEEP

    12288:5oa1a8LVevYwqilHp5WmpYshXZPbGwidNpgJ:5oa1aKev1qilHp5WmD9idNpO

  Score

  8^/10

  bankerdiscoveryevasionpersistence

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Registers a broadcast receiver at runtime (usually for listening for system events)

    persistence

  • Requests enabling of the accessibility settings.

  behavioral1behavioral2behavioral3