Extracted

• • Target

    26abbdd33c2c94a4fea32a2afdc7247448b920f17594201b5c5197f025448eda.bin

  • Size

    860KB

  • MD5

    49180b00b8ed0c7a4892f48e54984c45

  • SHA1

    042daf177c34f48ac39a95c81bcad76edd62180b

  • SHA256

    26abbdd33c2c94a4fea32a2afdc7247448b920f17594201b5c5197f025448eda

  • SHA512

    b329992fdb083be4f52f27006d5f9d9ae7c1d8bd878ca954870197279b37bbd593a99e745562e5f103b1f8b135d2c6a2f7b0bb292be81b3f93e22a354c8b8469

  • SSDEEP

    12288:sO159lxa1a8LVevGvwtYM2iNsw3fzy5WmpYshXZPbGwidNpgXo:B3xa1aKevGvAYziHzy5WmD9idNp7

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3