General

  • Target

    cafd18aa6edad2e2b0b184fbeb3cd0d7b14a84da1cad7d4076020e257ac9d979.bin

  • Size

    814KB

  • Sample

    250124-1yv5rsslhj

  • MD5

    ea568a33dc46eecf3a6a21b4183881dd

  • SHA1

    0d852027265f2110a86cc6fbee7456ad761e78fc

  • SHA256

    cafd18aa6edad2e2b0b184fbeb3cd0d7b14a84da1cad7d4076020e257ac9d979

  • SHA512

    fd0811b80f0ce13a00c22a400aeaeebd852f7ab86961a55b1830ee315079a856999bedd470dd4730b4f0d83458441123a8dae338cfb80aa2c25a5689d259236f

  • SSDEEP

    12288:lO1OXh95Ia1a8LreI8S3WBTIbUCVSpSQt5WmpYshXZPbGwidNpgLY:YGhoa1a2ek3STvyQt5WmD9idNpL

Malware Config

Extracted

Family

spynote

C2

force-impressed.gl.at.ply.gg:28698

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Requests enabling of the accessibility settings.

    • Tries to add a device administrator.

MITRE ATT&CK Mobile v15

Tasks