Extracted

• • Target

    EVNCSKH.apk

  • Size

    5.5MB

  • MD5

    b450171a8ac13ca5f788878b48c39db4

  • SHA1

    da40354faacdbefc240c234ece7893ee9da32a76

  • SHA256

    53cb4fe929ba6e2f55eee235546a277c9929ff01bfdaa290e0e49b434dabd5c6

  • SHA512

    dcb42137143d576e07a40cc0e1eea64b8cc0325aa38c6d84de68960c43555800a56adadd793df1c8606b08946c1ba193916825a3048956c3ce5fb64635efa3e8

  • SSDEEP

    98304:JEd7YrUT6PLk28g7gCF14HTehTtNV8VZ9k3RC/9OQlpE9Au8mzRzBHTS0t6EOy:i7oScQg7HF14zU0Z9kBk9OQA9FrzXRf

  Score

  7^/10

  bankercollectioncredential_accessdiscoveryevasionexecutionpersistenceimpact

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

    evasion

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access

  • Obtains sensitive information copied to the device clipboard

    Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    collectioncredential_accessimpact

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Acquires the wake lock

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Performs UI accessibility actions on behalf of the user

    Application may abuse the accessibility service to prevent their removal.

    evasion

  • Queries information about active data network

    discovery

  • Queries the mobile country code (MCC)

    discovery

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion
  behavioral1behavioral2behavioral3