General

  • Target: dbaa36de3c1b2f099a1f133ddde7668f2062cf349f87d361b81f8dd49ca35d06.bin

  • Size: 760KB

  • Sample: 250125-1wm2datjgq

  • MD5: 45e9bbdea000d4e5643b16e0a7984c3e

  • SHA1: d6cfaa46cb050e1b65dcd15114e3c057d607f155

  • SHA256: dbaa36de3c1b2f099a1f133ddde7668f2062cf349f87d361b81f8dd49ca35d06

  • SHA512: 7accf059015bd2ded13c5d4379b94e412424daefb81bceaa3d3002913b1f0d44c0a9e022c9cc406c303af9d5416d660de532fb55d1274cc8356396f5fcaae31d

  • SSDEEP: 12288:xRMJa1a8LzezJfMVhWA5WmpYshXZPbGwidNpgUH0:xGa1amezmVhWA5WmD9idNpy

Malware Config

Extracted

Family

spynote

C2

region-electron.gl.at.ply.gg:32260

Targets

    • Removes its main activity from the application launcher

    • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

MITRE ATT&CK Mobile v15

Tasks