Extracted

• • Target

    c5a85080651948045fb785d4a4094ca238f1495b42f374437e8896891a451e3f.bin

  • Size

    760KB

  • MD5

    6759f526685e5862561e978691c88f9b

  • SHA1

    755849170ffc4493840d91c6a7e77fa8e244763d

  • SHA256

    c5a85080651948045fb785d4a4094ca238f1495b42f374437e8896891a451e3f

  • SHA512

    5ab3f26d2d185af65b6696a6efbe3e6365ed56dd3b1cc24cc439c84dcdefef1f372d465c810934f3ef4748ac3bf76f4929bbe75071aa5d05ad757aac126b31a3

  • SSDEEP

    12288:SjbGzfa1a8LreobCZKbnb5WmpYshXZPbGwidNpgHy:Sjka1a2eoeKbnb5WmD9idNpp

  Score

  7^/10

  bankerdiscoveryevasionimpactpersistenceprivilege_escalation

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    bankerdiscovery

  • Makes use of the framework's foreground persistence service

    Application may abuse the framework's foreground service to continue running in the foreground.

    evasionpersistence

  • Requests enabling of the accessibility settings.

  • Tries to add a device administrator.

    privilege_escalationimpact
  behavioral1behavioral2behavioral3