Extracted

• • Target

    b803d3ca77088f4eb559653680c4513503e34bd63c8582108819c020f2027b29.bin

  • Size

    2.4MB

  • MD5

    585a6762bef1722fab754a49dc932f1f

  • SHA1

    fe6fdc95304b744a7c7c4746c02c29a5f3e35828

  • SHA256

    b803d3ca77088f4eb559653680c4513503e34bd63c8582108819c020f2027b29

  • SHA512

    652ca106a9b30162478104b8fdd51415a61f3d09ba6e7db00c050feabcc28b617c3d56f785d643ca0cccd5b317ba06749797814d5a2401b610902c390dfc2d66

  • SSDEEP

    49152:ja1aa7f51DlgVAYApeDPtf1vN5r/qfvR27gagjJJmcYtdRWk0d/v:E1DlghsKx1vTr/qfvR+UuvS

  Score

  8^/10

  bankerdiscoveryevasionpersistencestealthtrojan

  • Removes its main activity from the application launcher

    stealthtrojanevasion

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence
  behavioral1behavioral2behavioral3