Extracted

• • Target

    b2de1b8af126a6a25e33bdd4ed29721ac65d4972b337714e1517efc0bc4dc0c3.bin

  • Size

    860KB

  • MD5

    9bf2cf63c8e6873baa765aa1a76a8044

  • SHA1

    4ae0fb72b739754c1bfe2705fd732baf48da2192

  • SHA256

    b2de1b8af126a6a25e33bdd4ed29721ac65d4972b337714e1517efc0bc4dc0c3

  • SHA512

    560cea7217a14c0579ace84ad022b30454b80d7e9e8cc9ae0827f981396bee4f1d34d0695219e0c2576ab7c8fb437c3614cbf6fbb81cb14adf5580e0b94c9941

  • SSDEEP

    12288:8PSr0oa1a8Lrez7kEoSfbr39obsJ5WmpYshXZPbGwidNpg2A:8Ptoa1a2ez7drbysJ5WmD9idNpK

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3