General

  • Target

    6b532872501794aafc6e2f1230908d34d5f4003fbd454f104c7b72f7e7e9db35.bin

  • Size

    760KB

  • Sample

    241203-1w4zwssjgp

  • MD5

    8c40e0e731b594820a4df622be51a42b

  • SHA1

    d7c84a4c7e5247d048099edd717187cbd661bc2a

  • SHA256

    6b532872501794aafc6e2f1230908d34d5f4003fbd454f104c7b72f7e7e9db35

  • SHA512

    0fdfd4f064f83f0450efcf8bd3ce3687954b3581aef18bd9132818733e7d5223f0f6719c18525d24f6004d839bbc8ba26f186e502697936eaec56329b77c5bfc

  • SSDEEP

    12288:Ex5iDfa1a8LVedB1urIRce5WmpYshXZPbGwidNpgi:Ex8a1aKedWrWce5WmD9idNp1

Malware Config

Extracted

Family

spynote

C2

22.ip.gl.ply.gg:31255

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks