General

  • Target

    d82f888e135f27c196fd3e9db506064c3f7f7ab07f3103a5e7cba95259808e4f.bin

  • Size

    782KB

  • Sample

    241222-1yq6ta1kdr

  • MD5

    bf7549427a9881f9281a15132c20e7f2

  • SHA1

    5ae72816f6c270efd3838ca18bd49d3d6e24bd05

  • SHA256

    d82f888e135f27c196fd3e9db506064c3f7f7ab07f3103a5e7cba95259808e4f

  • SHA512

    603b368c447835596c7791f24a49b5e6028bd434d22bf245cda3889e6d31825cbd7a04de0e1823499396e1d8adc4a7bd6f2cb741e47a04e4a9e56e05f1824834

  • SSDEEP

    12288:R+uLHOa1a8Lde+bXBq2elY/8k5WmpYshXZPbGwidNpgo:R1ua1a6e+bxqTY/V5WmD9idNpb

Malware Config

Extracted

Family

spynote

C2

24.ip.gl.ply.gg:24873

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Makes use of the framework's foreground persistence service.

      The application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks