Extracted

• • Target

    d7abb06a35ca136d3f57bed2b53354e0f3ea240726f0d0e77e13f2976e872c7d.bin

  • Size

    760KB

  • MD5

    b3139a71c05bfdca87a5802c6fddba72

  • SHA1

    34130fc99d90a1261779ebedc844679b85aa849a

  • SHA256

    d7abb06a35ca136d3f57bed2b53354e0f3ea240726f0d0e77e13f2976e872c7d

  • SHA512

    3830e30006c8e402a00feaa7ce3c05bdd6bd8a715259f57362fd17930980174bebc4e6cce2c00a8cbd9ea2149e85a058ec90c01a3dc4f1cb1260daa7fbf0a22f

  • SSDEEP

    12288:jnfVy9a1a8LreBl54v5k65WmpYshXZPbGwidNpgWd:jf0a1a2eB8v5k65WmD9idNpB

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3