General

  • Target: da4ad6f0b21aebc1205c10b77d7b1888c5e44bd657f4db18c4e53d4221e88388.bin
  • Size: 760KB
  • Sample: 241204-11btxatmcx
  • MD5: 066c043ef0bdabaee6c53c0bd29ade19
  • SHA1: 5a549036cbacae80ddb25820d78309cdaa79b200
  • SHA256: da4ad6f0b21aebc1205c10b77d7b1888c5e44bd657f4db18c4e53d4221e88388
  • SHA512: 8d6d731b03d8eeb755209dccbcb0b60a231a1dce7ac286db1facd1306cd2029ca1cd0e66eaea0b2ffcd0462d70640dc6f7805274152a2a1afc3fafff77904a0a
  • SSDEEP: 12288:he5H+ga1a8LVeIjy3qSHTf5WmpYshXZPbGwidNpgH:hena1aKeIcqaTf5WmD9idNps

Malware Config

Extracted

Family: spynote

C2: 22.ip.gl.ply.gg:31255

Targets

    • Target: da4ad6f0b21aebc1205c10b77d7b1888c5e44bd657f4db18c4e53d4221e88388.bin

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks