Extracted

• • Target

    3c8811271ff622b94b58c76299731cc298bec9dcd6389c243fbdf170bd4b1b48.bin

  • Size

    864KB

  • MD5

    02e7d3ab486ef467b63cd6f938a567db

  • SHA1

    2c45bddb2f2e746a293254d8eb6c5b36519745d2

  • SHA256

    3c8811271ff622b94b58c76299731cc298bec9dcd6389c243fbdf170bd4b1b48

  • SHA512

    1e6693418aa3430cea82c51655103f3e6c61d37f569a0db8a2ab5684742f5320a4f9b97d5283a2ff01c775f9cfd4bcd325a36e0ae50b369c8c7058d157963471

  • SSDEEP

    12288:eWlEa1a8LVefGvwqSrscccw3k5B5WmpYshXZPbGwidNpgmm+aOt:BEa1aKefGvlSwcz5B5WmD9idNpFdaK

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3