Extracted

• • Target

    HADİSE İFŞA.apk

  • Size

    5.4MB

  • MD5

    32d635c675298c86813aa8b00fb8609d

  • SHA1

    a6d780a39ebfa1780448632e96eca1d70d70e62c

  • SHA256

    9f4465c81671b67a5a757d4f0106f65758fa8c82d74aa068e7964b4c544c6828

  • SHA512

    0a9eb2b6e737c39fa3bbbe4ea2d123cc5b8976ca3bffe8a023709e82657609de9a488034b9e7f4686599c4cfe0e9c856e5c707b9e001b9a67444bc80e43d9657

  • SSDEEP

    98304:VyzBxTtmz165ytuvsOq7tpUkHSgyhv+2PO00thY4XM8memkn:6gz168Ivsj7cC0hvP+6dexn

  Score

  7^/10

  bankercollectioncredential_accessdiscoveryevasionexecutionimpactpersistence

  • Loads dropped Dex/Jar

    Runs executable file dropped to the device during analysis.

    evasion

  • Makes use of the framework's Accessibility service

    Retrieves information displayed on the phone screen using AccessibilityService.

    collectionevasioncredential_access

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Reads the content of the SMS messages.

    collection

  • Acquires the wake lock

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Performs UI accessibility actions on behalf of the user

    Application may abuse the accessibility service to prevent their removal.

    evasion

  • Requests disabling of battery optimizations (often used to enable hiding in the background).

    evasion
  behavioral1