General

  • Target

    622e912874ef0009419ae4de67d22771390518dc6a5d8d076e1bdcac727edcc6.bin

  • Size

    760KB

  • Sample

    250119-11krtayjax

  • MD5

    3ca4e51f5db4e63a86da9181b2208cae

  • SHA1

    55d6d52b2a6ff42b0346c4e4b7dddc10e4924b7a

  • SHA256

    622e912874ef0009419ae4de67d22771390518dc6a5d8d076e1bdcac727edcc6

  • SHA512

    3fd9c578e5200ad071ffef8132223b199f99a13f5c60d425bc23fa6d36ddeb5fa193412429bc4d4407bfa49ed2229b6719bd2ff404ce52bdea10fa15ae3fc948

  • SSDEEP

    12288:LW1pIVOa1a8LVeADixW3LD5WmpYshXZPbGwidNpgCG:LW3a1aKeA+W3LD5WmD9idNpy

Malware Config

Extracted

  • Family

    spynote

  • C2

    president-update.gl.at.ply.gg:21619

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Makes use of the framework's foreground persistence service.

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks