Extracted

• • Target

    8e9c47f01d73d61561f6f7e9c228edbc1120fa7d6c7b85c0340afc1e3066403c.bin

  • Size

    774KB

  • MD5

    e6199369e101bbaf6db2d9bfdb716e43

  • SHA1

    4bf825dc24bfe41015b9c6e7d301b6477e5b39f2

  • SHA256

    8e9c47f01d73d61561f6f7e9c228edbc1120fa7d6c7b85c0340afc1e3066403c

  • SHA512

    95781bcc2acb6a5bdb4bdd8a133f0b703cd8dd72003867518d5b8d42f959f34f2ab240e45178f448252cab207960982833eabc4b9836748cf9cc634298910a9e

  • SSDEEP

    12288:h2inJ6sgRwLz2UzrI+PrH5WmpYshXZPbGwidNpgB:VJ6sbLzV4+PrH5WmD9idNpi

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3