Extracted

• • Target

    ready (5).apk

  • Size

    3.7MB

  • MD5

    a764b51401369928cac94b20fc911d4b

  • SHA1

    882f51f73905e8a9e297ff7fcc24e1e82a2087a1

  • SHA256

    d23d13dba8d480034510a14932ba0819db013fc279302e5c6f9badfbbf378441

  • SHA512

    8ce522ea96adfde150d1ee49bc3a682edfe946f4e0b0d1523f2006d20e0ee88b0ae921515b42740609ed75ffc287b287390bf60468cd5cb5b6f4c5fdb3389926

  • SSDEEP

    49152:VjUAafdzmbgdtZWKI/waqe8/2ZmaBGJymz/zdGGCQTO3gU4YqG0cgo+ML3ikjoE+:VwAiqbgdtZFawasymz/zBtTi0to+gT+

  Score

  8^/10

  bankercollectioncredential_accessdiscoveryevasionexecutionpersistencestealthtrojan

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Acquires the wake lock

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Performs UI accessibility actions on behalf of the user

    Application may abuse the accessibility service to prevent their removal.

    evasion

  • Queries information about active data network

    discovery

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion
  behavioral1behavioral2behavioral3