General

  • Target

    Instagram_src_sign(Copy).apk

  • Size

    5.5MB

  • Sample

    240925-nvnv3atbkl

  • MD5

    a64b52af666ac8508f0c414de3284813

  • SHA1

    6490034e0f75fa4da9cbeeb378e6142e69ae3c21

  • SHA256

    0edae656db4b5626b6dde1786af67d455a843d8fa6059a5a88eeb2b0ae214aa2

  • SHA512

    71bd20bbf513faf86022d0c2ac30fcb7725884f7aab73ce6b13fbce3cf8301158fb8582ca6889d22dd3bd113545a8b15a85c3dd1cc2a6084c058dd45da902f03

  • SSDEEP

    98304:NwubXW62AALy6GqYZpcQb788aGg82Qr9pzbuV7zphCIJaL31M8UofrFF3NP2:NrXZJ6nicQHNaf8/IXrJaD1B3V2

Malware Config

Extracted

Family

airavat

C2

https://sigma-abc9a-default-rtdb.firebaseio.com

Targets

    • Target

      Instagram_src_sign(Copy).apk

    • Size

      5.5MB

    • MD5

      a64b52af666ac8508f0c414de3284813

    • SHA1

      6490034e0f75fa4da9cbeeb378e6142e69ae3c21

    • SHA256

      0edae656db4b5626b6dde1786af67d455a843d8fa6059a5a88eeb2b0ae214aa2

    • SHA512

      71bd20bbf513faf86022d0c2ac30fcb7725884f7aab73ce6b13fbce3cf8301158fb8582ca6889d22dd3bd113545a8b15a85c3dd1cc2a6084c058dd45da902f03

    • SSDEEP

      98304:NwubXW62AALy6GqYZpcQb788aGg82Qr9pzbuV7zphCIJaL31M8UofrFF3NP2:NrXZJ6nicQHNaf8/IXrJaD1B3V2

    • Checks if the Android device is rooted.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to keep running in the foreground and avoid being killed by the system.

    • Requests notification access (often used to intercept notifications before the user sees them).

    • Requests that the accessibility settings be enabled.

    • Changes the wallpaper (common with ransomware activity)
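The behaviour findings above (foreground service, notification access, accessibility service, wallpaper change, root check, clipboard read) and the Firebase C2 in the Malware Config can be confirmed statically once the APK is decoded. The script below is an added example written for this report; it is not the sandbox's own code and not Airavat's. It assumes the APK has already been decoded with a tool such as apktool so that AndroidManifest.xml is plain XML (inside the APK it is binary AXML), and that a strings dump of the dex code is available. The manifest and strings embedded here are constructed for illustration; only the C2 URL and SHA256 come from the report.

```python
"""Static triage helpers for the behaviours listed in the report above.

Added example, not part of the sandbox report and not Airavat's own code.
Assumes the APK was decoded (e.g. with apktool) so the manifest is plain XML.
The manifest and strings below are constructed; the C2 URL and SHA256 are the
ones the report lists.
"""
import hashlib
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
REPORT_SHA256 = "0edae656db4b5626b6dde1786af67d455a843d8fa6059a5a88eeb2b0ae214aa2"

# <uses-permission> entries that map onto the report's findings.
SUSPECT_PERMISSIONS = {
    "android.permission.FOREGROUND_SERVICE": "foreground persistence service",
    "android.permission.SET_WALLPAPER": "changes the wallpaper",
}
# Permissions that appear on <service android:permission=...> rather than as
# uses-permission; they indicate a notification listener / accessibility service.
SERVICE_BINDINGS = {
    "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE": "notification access",
    "android.permission.BIND_ACCESSIBILITY_SERVICE": "accessibility service",
}

# Markers that only show up in code strings, not in the manifest.
FIREBASE_RE = re.compile(r"https?://[a-z0-9-]+\.firebaseio\.com", re.I)
SU_PATHS = ("/system/xbin/su", "/system/bin/su", "/sbin/su", "/su/bin/su")
CLIPBOARD_APIS = ("getPrimaryClip", "addPrimaryClipChangedListener")

# Constructed decoded manifest (not the real sample's manifest).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fakeinstagram">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <application>
    <service android:name=".NotifListener"
             android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE">
      <intent-filter>
        <action android:name="android.service.notification.NotificationListenerService"/>
      </intent-filter>
    </service>
    <service android:name=".AccService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""

# Constructed strings dump (as produced by e.g. `strings classes.dex`).
SAMPLE_STRINGS = [
    "https://sigma-abc9a-default-rtdb.firebaseio.com",  # C2 from the report
    "/system/xbin/su",                                  # root check
    "Landroid/content/ClipboardManager;->getPrimaryClip()Landroid/content/ClipData;",
    "Instagram",
]


def matches_report_hash(data: bytes) -> bool:
    """Confirm the file under analysis is the sample the report describes."""
    return hashlib.sha256(data).hexdigest() == REPORT_SHA256


def triage_manifest(manifest_xml: str) -> dict:
    """Return {permission: description} for manifest markers the report flags."""
    root = ET.fromstring(manifest_xml)
    findings = {}
    for up in root.iter("uses-permission"):
        name = up.get(ANDROID_NS + "name", "")
        if name in SUSPECT_PERMISSIONS:
            findings[name] = SUSPECT_PERMISSIONS[name]
    for svc in root.iter("service"):
        perm = svc.get(ANDROID_NS + "permission", "")
        if perm in SERVICE_BINDINGS:
            findings[perm] = SERVICE_BINDINGS[perm]
    return findings


def triage_strings(strings) -> dict:
    """Pull C2 candidates, root-check paths and clipboard API use from strings."""
    out = {"c2_candidates": [], "root_check": False, "clipboard_read": False}
    for s in strings:
        for url in FIREBASE_RE.findall(s):
            if url not in out["c2_candidates"]:
                out["c2_candidates"].append(url)
        if any(p in s for p in SU_PATHS):
            out["root_check"] = True
        if any(api in s for api in CLIPBOARD_APIS):
            out["clipboard_read"] = True
    return out


if __name__ == "__main__":
    for perm, why in triage_manifest(SAMPLE_MANIFEST).items():
        print(f"manifest: {perm} -> {why}")
    print("strings:", triage_strings(SAMPLE_STRINGS))
```

On a real decode, feed `triage_manifest` the apktool output's AndroidManifest.xml and `triage_strings` the output of `strings` over each classes*.dex; a Firebase Realtime Database URL found this way is a candidate C2 to block, and the notification-listener and accessibility bindings are the manifest-level evidence for the "Requests notification access" and "Requests that the accessibility settings be enabled" findings above.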

MITRE ATT&CK Mobile v15
