Extracted

• • Target

    68e5d5ff28c72586b5c17e556650f358483587fc6561a428b5a3f816425406a8.bin

  • Size

    760KB

  • MD5

    9d11a6f85dafce43f0793ad6eabec6cc

  • SHA1

    9d5d76f2b38ddc2a6da92745a8982fc231733460

  • SHA256

    68e5d5ff28c72586b5c17e556650f358483587fc6561a428b5a3f816425406a8

  • SHA512

    63e31e8b22dda8b1de7fda1768b608cd671d20622060abc633da383e41dbe5b985d1edf6cfc830bc9f395d5fc12c38321c6b66e14a1567cdd33fb4d4d0428351

  • SSDEEP

    12288:Vq4zja1a8LrePXbvTo8W5WmpYshXZPbGwidNpgA:Vna1a2ePDTo8W5WmD9idNpb

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3