Extracted

• • Target

    20e2159cac5d8a8e743b84089e817d6aa11f350cb7c4d8a88787e61791a30d21.bin

  • Size

    773KB

  • MD5

    faffde719582fd7d5d286298d95d8fdc

  • SHA1

    1c4f67d2c708655b1e997634c1948bd3e772b88c

  • SHA256

    20e2159cac5d8a8e743b84089e817d6aa11f350cb7c4d8a88787e61791a30d21

  • SHA512

    93d9283b7e40eac2c4f85f5de745105e57e13b3775aeb320d4fca653c8f01480f56bde9d7add384704d3298f3d3f92498a166e076315a75d1f6cc2c3308681a8

  • SSDEEP

    12288:flWMa1a8LdefgqI6iQS95WmpYshXZPbGwidNpgi:fna1a6efgmiQS95WmD9idNpp

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3