Extracted

• • Target

    a41f576a5179b7a1560da5584b595c6fbe0dccad3833bb3144a1e38074491d3b.bin

  • Size

    760KB

  • MD5

    ba6ee5a8b9123289c9ae08d236282cfa

  • SHA1

    8598d3dbb701bd1bfce7a94094cb1203c6a9dc7d

  • SHA256

    a41f576a5179b7a1560da5584b595c6fbe0dccad3833bb3144a1e38074491d3b

  • SHA512

    338f125a1ddf5fabea5d545607df2f2f8b2ddfb618b39048ac2f01c88db593781b8545e3e57ec4c83627bb6ff12f8ca906cab6e13f478f468fd20f692c0d9b71

  • SSDEEP

    12288:UV2ta1a8LzeqPknMIx15WmpYshXZPbGwidNpgK:UVia1ameqWMIx15WmD9idNp9

  Score

  7^/10

  bankerdiscoveryevasionpersistence

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  behavioral1behavioral2behavioral3