General

  • Target

    06818925ff56be601315626f14ef841dbfcdedd08ea9ad375a6fb12796aa5443.bin

  • Size

    784KB

  • Sample

    241208-wlz6qs1let

  • MD5

    994cb80009c4a37803e659147ec3a069

  • SHA1

    ff6fb98be98cbdb45732912fb07940b39d2c9ec1

  • SHA256

    06818925ff56be601315626f14ef841dbfcdedd08ea9ad375a6fb12796aa5443

  • SHA512

    2471ae2b3229554cb8404106fb1be03cde523cfa87eac4a41b365e4f14f423d26994a7022f1a7cb79be6359acb9ab70f357db34065b0c796b38c5aba2b7d94cc

  • SSDEEP

    12288:LsZmRGkBX0yh2+x6FQDWjupqFDkeSJ902b/E6hz1GUt:LsZmJSywW6KDWjupqTm902o6hRGa

Malware Config

Extracted

  • Family

    spynote

  • C2

    147.185.221.23:12010

Targets

    • Removes its main activity from the application launcher

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      The application may abuse the framework's foreground service to keep running in the foreground.

MITRE ATT&CK Mobile v15

Tasks