Extracted

• • Target

    eeafbd04a860753a7b39cc0cc9d4a420289548ee8f17474a30b3653ab548408c.bin

  • Size

    1.5MB

  • MD5

    9459f6f67467c710acaf05cbdc702484

  • SHA1

    39ff34ef9f6022af7fd841892265b66549e8f299

  • SHA256

    eeafbd04a860753a7b39cc0cc9d4a420289548ee8f17474a30b3653ab548408c

  • SHA512

    26e8ebe2d0b1ef9f591f99716a20120f6146338a04522ed69abb5598d0e70422f3d5dc95c207b7989dc49537eea32c32b3f51431d2d4e89025283aac15b1c948

  • SSDEEP

    24576:y5a1amebpXnqkT2OQboUuoFcKfp10U3r9ez9Uuw5WmD9idNpA:Ua1aFnqI2OQboUuoGk7cpeWk0d/A

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3