Extracted

• • Target

    daec93b0cbd0db879af2fa9b90b0a09c5718124228ff988943802f1d3e77dda0.bin

  • Size

    760KB

  • MD5

    e0167a97aa61ae8fc457b6ea8a097261

  • SHA1

    3ef468868128f1d038fdab8d83e7442d082d8d41

  • SHA256

    daec93b0cbd0db879af2fa9b90b0a09c5718124228ff988943802f1d3e77dda0

  • SHA512

    e00a1a4419d67765513f4ffb20173fb7f9cd4d9e0ce30941b6ba4ab30f2e3c0f1873878a8e735c116fce09b5e453adc5bfaf06a1992bc19d7e08f22c9306741c

  • SSDEEP

    12288:OoKHsJ6sgRMLztBRQ3jAy5WmpYshXZPbGwidNpgy4:OopJ6s9Lztk3jAy5WmD9idNp4

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3