Extracted

• • Target

    e86b59a26b9dd618f562d966cef92f2b90a2951526c57f769fcc5a0fc82d66d2.bin

  • Size

    758KB

  • MD5

    b7447e72cfdcfca697b384cde440c955

  • SHA1

    811187c2c35ff1f40f9936608dcec838eec2c57b

  • SHA256

    e86b59a26b9dd618f562d966cef92f2b90a2951526c57f769fcc5a0fc82d66d2

  • SHA512

    960434a5f375f69311c9352c00bb62b79871779f2229d27bba7f5094e90f5ab2bbf0cdf953b8617b7f5c9aef69172cfcda22a475d362f886070971a004c2f16f

  • SSDEEP

    12288:65a1a8LdeRUyOqNLv5WmpYshXZPbGwidNpgl:ma1a6eRU5qNLv5WmD9idNpO

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3