Extracted

• • Target

    3ad6296695a00fc0d29b1f648ebd14c940edb70fce090c9b15379df5a8dbf04e.bin

  • Size

    760KB

  • MD5

    92f63d97633691b64c10d8934a7c9dab

  • SHA1

    aa8273c66a0db6c36d72698570a6cf9d6ef35df2

  • SHA256

    3ad6296695a00fc0d29b1f648ebd14c940edb70fce090c9b15379df5a8dbf04e

  • SHA512

    5469abcfc58b1957008604cfd124a0baf2a067108915650c69599e91e95e6deb9eb960df7afea99cf16bb24a1c8752857430668083259a4cf293545d118129e8

  • SSDEEP

    12288:pvxa1a8LVeGnI7ozNh5WmpYshXZPbGwidNpgvc:Ta1aKeGeozNh5WmD9idNpT

  Score

  7^/10

  bankerdiscoveryevasionpersistenceimpactprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3