Extracted

• • Target

    a6dc14cb4137e752b3409c6f27ff5eec52000b935ef2397e45e106ba23ba5f02.bin

  • Size

    760KB

  • MD5

    fbb9393fe5a8f677041ca80fe696528c

  • SHA1

    368eb6537c63253ad060190ca9bdc4265401b3be

  • SHA256

    a6dc14cb4137e752b3409c6f27ff5eec52000b935ef2397e45e106ba23ba5f02

  • SHA512

    137f0ebe8a78e2d97ea9a1221a1a6136f6e2e790e12dc359a62a3996aa6d8dcfdeaeefa896299bf921c725bc44dd6b80d848c7ece11c191180c12fb9a179e85e

  • SSDEEP

    12288:lhRS9a1a8LzeWy4hcWFg5WmpYshXZPbGwidNpgOM:lh8a1ameWlcWFg5WmD9idNp8

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3