Extracted

• • Target

    891e7983a831dd3c159591cf17ca66b4197a2498bd0908362473dbce6c48f32d.bin

  • Size

    786KB

  • MD5

    bc8e11af550a6b134c3261297863ae34

  • SHA1

    65d3efb6c67f50296aaf979c9f3f18c7897d9607

  • SHA256

    891e7983a831dd3c159591cf17ca66b4197a2498bd0908362473dbce6c48f32d

  • SHA512

    d01f5b010b72620920ddbbec762c51453aa64df293d9db066e99e9adf5b301dba4db5a96235af40e1d537fc5177b8d4cc850784b7b9a4d0799b671a7daf954ce

  • SSDEEP

    12288:AZ0a1a8LdeViGuqDAvDe5WmpYshXZPbGwidNpgWi:Aua1a6eVhuqUDe5WmD9idNpRi

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3