General

  • Target

    fedbc9f8756e2ae8979417c02c39e027a7605acbdb0ea670805718a583116e09.bin

  • Size

    860KB

  • Sample

    250106-1xc8kazkfw

  • MD5

    f1073fd30704e7877c609182cb8b2562

  • SHA1

    a65fa2e2e43901808a993d8ce85d23e8de15bfc2

  • SHA256

    fedbc9f8756e2ae8979417c02c39e027a7605acbdb0ea670805718a583116e09

  • SHA512

    068165e98c0f8b416e1271b572e735265e737297c265df4b0a051c54414f58eed8733c6f259a13258ec5e2c45dd712aa7718995852ca513bea2fe5cd433c2ada

  • SSDEEP

    12288:U5/F4a1a8LrecfBgBSQFB7LSionR5WmpYshXZPbGwidNpgUw:Aya1a2ecpQSqYnR5WmD9idNpu

Malware Config

Extracted

Family

spynote

C2

break-lounge.gl.at.ply.gg:47852
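The extracted C2 is a hostname plus port, so the first place to hunt for it is resolver logs, then flows to whatever that name resolved to. The following is an added example (not part of the sandbox report) that parses the C2 string and runs it over constructed resolver and flow log lines in a hypothetical format; the log formats, timestamps and IPs are all made up for the example.

```python
"""Match the extracted SpyNote C2 (host:port) against resolver and flow logs.
Added example for this report; the log formats and log lines are constructed."""
import re
from dataclasses import dataclass

C2 = "break-lounge.gl.at.ply.gg:47852"  # value from the Malware Config section above


@dataclass(frozen=True)
class Ioc:
    host: str
    port: int


def parse_c2(value: str) -> Ioc:
    """Split 'host:port' into a normalised IOC (lower-case host, no trailing dot).
    rpartition keeps this correct if the host part ever contains a colon."""
    host, sep, port = value.strip().rpartition(":")
    if not sep or not host or not port.isdigit():
        raise ValueError(f"malformed C2 string: {value!r}")
    return Ioc(host.lower().rstrip("."), int(port))


# Constructed sample logs (not from the sandbox run). Hypothetical formats:
#   resolver: "<ts> <client> query=<name> answers=<ip>[,<ip>...]"
#   flows:    "<ts> <src> dst=<ip>:<port> proto=<proto> bytes=<n>"
DNS_LOG = """\
2025-01-06T19:00:01Z 10.0.0.21 query=time.android.com answers=142.250.74.46
2025-01-06T19:00:07Z 10.0.0.21 query=BREAK-LOUNGE.gl.at.ply.gg. answers=203.0.113.17
2025-01-06T19:00:09Z 10.0.0.33 query=example.com answers=93.184.216.34
"""
FLOW_LOG = """\
2025-01-06T19:00:08Z 10.0.0.21 dst=203.0.113.17:47852 proto=tcp bytes=1380
2025-01-06T19:00:08Z 10.0.0.21 dst=203.0.113.17:443 proto=tcp bytes=9000
2025-01-06T19:00:12Z 10.0.0.33 dst=93.184.216.34:443 proto=tcp bytes=2100
"""

DNS_RE = re.compile(r"^(?P<ts>\S+) (?P<client>\S+) query=(?P<name>\S+) answers=(?P<answers>\S+)$")
FLOW_RE = re.compile(r"^(?P<ts>\S+) (?P<src>\S+) dst=(?P<ip>[\d.]+):(?P<port>\d+) ")


def match_dns(log: str, ioc: Ioc) -> list[dict]:
    """Resolver lines that looked up the C2 host (case-insensitive, trailing dot ignored)."""
    hits = []
    for line in log.splitlines():
        m = DNS_RE.match(line)
        if not m:
            continue
        if m["name"].lower().rstrip(".") == ioc.host:
            hits.append({"ts": m["ts"], "client": m["client"],
                         "answers": m["answers"].split(",")})
    return hits


def match_flows(log: str, ioc: Ioc, c2_ips: set[str]) -> list[dict]:
    """Flows to any IP the C2 name resolved to, on exactly the configured port."""
    hits = []
    for line in log.splitlines():
        m = FLOW_RE.match(line)
        if m and m["ip"] in c2_ips and int(m["port"]) == ioc.port:
            hits.append({"ts": m["ts"], "src": m["src"], "dst": f"{m['ip']}:{ioc.port}"})
    return hits


def triage(dns_log: str, flow_log: str, c2: str = C2) -> dict:
    """Pivot from the C2 name to resolved IPs, then to flows on the C2 port."""
    ioc = parse_c2(c2)
    dns_hits = match_dns(dns_log, ioc)
    c2_ips = {ip for h in dns_hits for ip in h["answers"]}
    flow_hits = match_flows(flow_log, ioc, c2_ips)
    return {
        "ioc": ioc,
        "dns_hits": dns_hits,
        "flow_hits": flow_hits,
        "suspect_hosts": sorted({h["client"] for h in dns_hits} | {h["src"] for h in flow_hits}),
    }


if __name__ == "__main__":
    result = triage(DNS_LOG, FLOW_LOG)
    print(f"C2 {result['ioc'].host}:{result['ioc'].port}")
    print("suspect hosts:", result["suspect_hosts"])
    for hit in result["flow_hits"]:
        print("  flow", hit)
```

The port match is deliberately strict: the 443 flow to the same resolved IP is not reported, because a tunnel endpoint can front unrelated traffic. If the operator rebuilds the sample with a different port, widen `match_flows` to any port on the resolved IPs rather than loosening the hostname match.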

Targets

    • Target

      fedbc9f8756e2ae8979417c02c39e027a7605acbdb0ea670805718a583116e09.bin

    • Queries the list of all installed applications on the device (may be used to pick legitimate apps to overlay)

    • Uses the framework's foreground service for persistence

      The application may abuse a foreground service to keep running when it is not in the foreground; such services are exempt from the platform's background execution limits.

    • Requests that the user enable it in the accessibility settings.

    • Tries to register itself as a device administrator.
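The four behaviours above all leave static traces in the manifest: the package-visibility permission, the foreground-service permission or service type, an accessibility service binding, and a device-admin receiver. The following is an added example (not part of the sandbox report and not extracted from this sample) that checks a decoded AndroidManifest.xml for those indicators; the manifest and package name below are constructed, and it adds the overlay permission as a related check. A real APK carries a binary manifest, so decode it first (for example with `apktool d sample.apk`) and point `triage` at the resulting text.

```python
"""Static triage of a decoded AndroidManifest.xml for the behaviours the
sandbox flagged. Added example; the manifest below is constructed."""
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace

# Constructed manifest (hypothetical package name; not from this sample).
MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.fakeupdate">
  <uses-sdk android:targetSdkVersion="33"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <application android:label="System Update">
    <service android:name=".KeepAlive" android:foregroundServiceType="dataSync"/>
    <service android:name=".A11y"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
    <receiver android:name=".Admin"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>
"""

SANDBOX_BEHAVIOURS = ("queries_all_packages", "foreground_service",
                      "accessibility_service", "device_admin")


def permissions(root: ET.Element) -> set[str]:
    return {e.get(A + "name", "") for e in root.iter("uses-permission")}


def actions(component: ET.Element) -> set[str]:
    return {a.get(A + "name", "") for a in component.iter("action")}


def binds(component: ET.Element, perm: str, action: str) -> bool:
    """A component takes a system role if it declares the role's signature
    permission or registers the role's intent action (either is enough)."""
    return component.get(A + "permission") == perm or action in actions(component)


def triage(manifest_xml: str) -> dict[str, bool]:
    root = ET.fromstring(manifest_xml)
    perms = permissions(root)
    sdk = root.find("uses-sdk")
    target = int(sdk.get(A + "targetSdkVersion", "0")) if sdk is not None else 0
    services = list(root.iter("service"))
    receivers = list(root.iter("receiver"))
    return {
        "queries_all_packages": "android.permission.QUERY_ALL_PACKAGES" in perms,
        # Below API 30 package enumeration needs no permission, so a missing
        # QUERY_ALL_PACKAGES is not evidence of absence for such targets.
        "package_enum_unrestricted": 0 < target < 30,
        "foreground_service": "android.permission.FOREGROUND_SERVICE" in perms
        or any(s.get(A + "foregroundServiceType") for s in services),
        "accessibility_service": any(
            binds(s, "android.permission.BIND_ACCESSIBILITY_SERVICE",
                  "android.accessibilityservice.AccessibilityService") for s in services),
        "device_admin": any(
            binds(r, "android.permission.BIND_DEVICE_ADMIN",
                  "android.app.action.DEVICE_ADMIN_ENABLED") for r in receivers),
        "overlay_permission": "android.permission.SYSTEM_ALERT_WINDOW" in perms,
    }


def sandbox_hits(flags: dict[str, bool]) -> int:
    """How many of the four sandbox-reported behaviours the manifest supports."""
    return sum(flags[k] for k in SANDBOX_BEHAVIOURS)


if __name__ == "__main__":
    flags = triage(MANIFEST)
    for name, value in flags.items():
        print(f"{name:28s} {value}")
    print("sandbox behaviours supported statically:", sandbox_hits(flags), "/ 4")
```

Accessibility and device-admin components are only dangerous once the user enables them, which is exactly what the last two sandbox signatures record; the manifest check tells you the capability is declared, the sandbox tells you the sample actively asks for it.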
