Extracted

• • Target

    e0cab4489a9856e65475c16cb6b1896337e5ff19d9197ebc0246b671912a3b26.bin

  • Size

    792KB

  • MD5

    04cc32d251cbcd8a5ea9e723fc6e2244

  • SHA1

    ea01fe972c5c0f4d76f232f29d3917d12f7f5682

  • SHA256

    e0cab4489a9856e65475c16cb6b1896337e5ff19d9197ebc0246b671912a3b26

  • SHA512

    6cfc886e883688d539f9e0dac84e586e8985eef9fce31eb765c3f802a99db8b280c9dd102269f387a6a6294aaf467331d8b113fda84353838f6201f3113549c3

  • SSDEEP

    12288:lYJ6C+a1a8LVeCm5mo4f6R5WmpYshXZPbGwidNpgTF:l7za1aKeCamlf6R5WmD9idNpYF

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3